Securely and efficiently transferring sensitive information via a telephone

ABSTRACT

An apparatus includes a communications module that establishes a telephonic connection between a customer service representative of a company and a customer through an electronic device. An identification module receives an identifier that alerts the customer service representative and/or a computer system of the company that the customer has a customer profile that includes information to identify the customer. The identifier is received in conjunction with the telephonic connection. The customer profile is stored previous to the telephonic connection. An ID request module sends a request to the customer to provide identifying information via the electronic device of the customer. The identifying information is input to the electronic device by the customer using an electronic, non-verbal technique. An ID confirmation module receives an identification confirmation in response to the identifying information input by the customer matching the information to identify the customer in the customer profile.

CROSS REFERENCE TO RELATED APPLICATIONS

This is a continuation of and claims priority to U.S. patent applicationSer. No. 14/631,679 entitled SECURELY AND EFFICIENTLY TRANSFERRINGSENSITIVE INFORMATION VIA A TELEPHONE, filed Feb. 25, 2015 for AlanTruitt, et al., which is a continuation-in-part application of andclaims priority to U.S. patent application Ser. No. 14/198,384 entitledSECURELY AND EFFICIENTLY PROCESSING TELEPHONE ORDERS, filed Mar. 5, 2014for Alan Truitt, which is a continuation-in-part of U.S. patentapplication Ser. No. 13/967,608 entitled SECURELY AND EFFICIENTLYPROCESSING TELEPHONE ORDERS and filed on Aug. 15, 2013 for Alan Truitt,all of which are incorporated herein by reference.

FIELD

This invention relates to telephone communications and more particularlyrelates to securely and more efficiently transferring sensitive dateover a data network while simultaneously on the telephone, in essencebinding the phone and data transaction as one.

BACKGROUND

Online shopping has proliferated in the last decade and continues togrow. Websites allow consumers to make purchases without the assistanceof a customer service representative, streamlining the shoppingexperience. In addition, the automated storage and retrieval of customerinformation, including billing information, makes online transactionsfaster and more secure. For certain products and services, however,consumers may still need or desire to speak to a customer servicerepresentative. These products and services may be more complex orcustomers may simply be more comfortable being services by a humanbeing, and in some cases, customer service representatives can helpbusinesses complete a sale faster and more accurately than a websitealone. In general, customers who place an order through a customerservice representative will often give their billing informationdirectly to the customer service representative in order for thecustomer sales representative to process the order. If a businessalready has a customer's billing information stored in its computersystem, the customer service representative will often have access toand can view the customer billing information in order to process asales order. In many cases, however, companies do not have the billinginformation for customers when they are calling to place an order, andthis information must be captured to complete the order.

In addition to online shopping, numerous calls are made to airlinereservation desks, banks, insurance companies, healthcare companies,wireless companies, cable companies, medical professionals, and otherswhere sensitive information either needs to be collected or confirmed bya staff member, company service representative, etc. The customerproviding the information typically has no idea if the person at theother end of the phone is trustworthy and gathering this type ofsensitive information is time consuming.

SUMMARY

An apparatus for confirming identification of a customer includes acommunications module that establishes a telephonic connection between acustomer service representative of a company and a customer through anelectronic device of the customer. The apparatus includes, in oneembodiment, an identification module that receives an identifier. Theidentifier alerts the customer service representative and/or a computersystem of the company that the customer has a customer profile, and thecustomer profile includes information to identify the customer. Theidentifier is received in conjunction with the telephonic connection andthe customer profile is stored previous to the telephonic connection.

The apparatus includes, in one embodiment, an ID request module thatsends a request to the customer to provide identifying information viathe electronic device of the customer, where the identifying informationis input to the electronic device by the customer using an electronic,non-verbal technique. The apparatus, in one embodiment, includes an IDconfirmation module that receives an identification confirmation inresponse to the identifying information input by the customer matchingthe information to identify the customer in the customer profile.

In one embodiment, the apparatus includes a profile permission modulethat receives electronic access to the customer profile. The customerprofile includes personal information of the customer and the customerprofile is stored electronically in a computer system external to acomputer system available to the company and to the customer servicerepresentative. The profile permission module receives electronic accessto the customer profile after the ID confirmation module receives theidentification confirmation. In the embodiment, the apparatus includes aprofile access module that accesses the customer profile to transmitinformation from the customer profile to the computer system of thecompany over a computer network, where the transmitted information ofthe customer profile is unavailable for viewing by the customer servicerepresentative.

In one embodiment, at least a portion of the identifying informationinput by the customer through the electronic device is masked from thecustomer service representative. In another embodiment, the apparatusincludes a communications module that establishes a data connection, inconjunction with the telephonic connection, between the company and thecustomer. In another embodiment, the identifying information stored inthe customer profile includes a password and biometric information andwherein the identifying information input by the customer is inputthrough the electronic device using one or more of a camera of theelectronic device, a biometric reader of the electronic device, and/or akeyboard of the electronic device. In another embodiment, the customerprofile is stored via a server separate from the electronic device ofthe customer and the computer system of the company and the server sendsthe identification confirmation received by the ID confirmation module.

In one embodiment, the ID request module sends the request to thecustomer to provide the identifying information by sending an electronicmessage to the electronic device and/or transmitting a voice prompt ofthe customer service representative. In another embodiment, theapparatus includes a notification module that notifies the customerservice representative that the ID confirmation module received theidentification confirmation. In another embodiment, the apparatusincludes a registration module that receives and stores information inthe customer profile of the customer. The registration module receivesand stores the information in the customer profile in a transactionunrelated to the telephonic connection. In another embodiment, thecustomer profile of the customer includes one or more of a shippingaddress, a residential address, a business address, a phone number, afax number, an email address, a birth date, a social security number,healthcare information, a finger print, a retina scan, a password, auser name, a preference, family information, security questioninformation and financial information of the customer.

An apparatus for receiving sensitive information includes acommunications module that establishes a telephonic connection between acustomer service representative of a company and a customer through anelectronic device of the customer and an identification module thatreceives an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile. The identifier is received in conjunction withthe telephonic connection and the customer profile is stored previous tothe telephonic connection. The apparatus, in one embodiment, includes aprofile permission module that receives electronic access to thecustomer profile. The customer profile includes personal information ofthe customer and the customer profile is stored electronically in acomputer system external to a computer system available to the companyand to the customer service representative. The apparatus, in oneembodiment, includes a profile access module that accesses the customerprofile to transmit information from the customer profile to thecomputer system of the company over a network, where the transmittedinformation of the customer profile is unavailable for viewing by thecustomer service representative.

In one embodiment, the customer profile includes information to identifythe customer and the apparatus includes an ID request module that sendsa request to the customer to provide identifying information via theelectronic device of the customer, where the identifying information isinput to the electronic device by the customer using an electronic,non-verbal technique, and an ID confirmation module that receives anidentification confirmation in response to the identifying informationinput by the customer matching the information to identify the customerin the customer profile. The profile permission module receiveselectronic access to the customer profile after the ID confirmationmodule receives the identification confirmation.

In another embodiment, the customer service representative establishesthe telephonic connection and receives the identifier through a displayinterface of a customer service application running on a computeraccessible to the customer service representative and the applicationreceives electronic access to the customer profile and accesses thecustomer profile to transmit information from the customer profile. Theapplication utilizes the information from the customer profile withoutdisplaying the information from the customer profile to the customerservice representative. In another embodiment, the profile access moduleincludes a limit module that limits information transmitted from thecustomer profile to information relevant to business interactionsbetween the customer and the company and that excludes transmitting ofinformation in the customer profile that is not relevant to businessinteractions between the customer and the company.

In one embodiment, the apparatus includes a notification module thatnotifies the customer service representative that the profile accessmodule has received the information from the customer profile. Inanother embodiment, information from the customer profile is received inresponse to an action by the customer, where the action approvestransmitting information from the customer profile to the computersystem of the company. In a further embodiment, the action by thecustomer includes an action by the customer to transmit the informationfrom the customer profile during the telephonic connection and/or adefault setting that provides permission to transmit the informationfrom the customer profile in response to establishing the telephonicconnection.

In another embodiment, the apparatus includes a communications modulethat establishes a data connection, in conjunction with the telephonicconnection, between the company and the customer. In another embodiment,the apparatus includes a registration module that receives and storesinformation in the customer profile of the customer. The registrationmodule receives and stores the information in the customer profile in atransaction unrelated to the telephonic connection. In anotherembodiment, information is passed among the company, the customer, andthird-parties includes one or more tokens, where the identifier and/orthe information from the customer profile are transmitted using one ormore tokens. In yet another embodiment, the customer profile of thecustomer includes one or more of a shipping address, a residentialaddress, a business address, a phone number, a fax number, an emailaddress, a birth date, a social security number, healthcare information,a finger print, a retina scan, a password, a user name, a preference,family information, security question information and financialinformation of the customer.

A method for confirming identification of a customer includesestablishing a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic deviceof the customer and receiving an identifier, where the identifier alertsthe customer service representative and/or a computer system of thecompany that the customer has a customer profile. The customer profileincludes information to identify the customer, and the identifier isreceived in conjunction with the telephonic connection. The customerprofile is stored previous to the telephonic connection. The methodincludes, in one embodiment, sending a request to the customer toprovide identifying information via the electronic device of thecustomer, where the identifying information is input to the electronicdevice by the customer using an electronic, non-verbal technique, andreceiving an identification confirmation in response to the identifyinginformation input by the customer matching the information to identifythe customer in the customer profile.

In one embodiment, the method includes receiving electronic access tothe customer profile. The customer profile includes personal informationof the customer and the customer profile is stored electronically in acomputer system external to a computer system available to the companyand to the customer service representative. Receiving electronic accessto the customer profile is in response to receiving the identificationconfirmation. The method, in one embodiment, includes accessing thecustomer profile to transmit information from the customer profile tothe computer system of the company over a network, where the transmittedinformation of the customer profile is unavailable for viewing by thecustomer service representative.

In one embodiment, the identifying information stored in the customerprofile includes a password and biometric information and theidentifying information input by the customer is input through theelectronic device using a camera of the electronic device, a biometricreader of the electronic device, and/or a keyboard of the electronicdevice. In another embodiment, the method includes notifying thecustomer service representative that the identification confirmation wasreceived. In another embodiment, the method includes receiving andstoring information in the customer profile of the customer, wherereceiving and storing the information in the customer profile is in atransaction unrelated to the telephonic connection.

A method for receiving sensitive information includes establishing atelephonic connection between a customer service representative of acompany and a customer through an electronic device of the customer. Themethod includes, in one embodiment, receiving an identifier, where theidentifier alerts the customer service representative and/or a computersystem of the company that the customer has a customer profile. Theidentifier is received in conjunction with the telephonic connection andthe customer profile is stored previous to the telephonic connection.The method, in one embodiment, includes receiving electronic access tothe customer profile, where the customer profile includes personalinformation of the customer. The customer profile is storedelectronically in a computer system external to a computer systemavailable to the company and to the customer service representative. Themethod, in one embodiment, includes accessing the customer profile totransmit information from the customer profile to the computer system ofthe company over a network, where the transmitted information of thecustomer profile is unavailable for viewing by the customer servicerepresentative.

In one embodiment, the customer profile comprising information toidentify the customer and the method includes sending a request to thecustomer to provide identifying information via the electronic device ofthe customer, where the identifying information is input to theelectronic device by the customer using an electronic, non-verbaltechnique, and receiving an identification confirmation in response tothe identifying information input by the customer matching theinformation to identify the customer in the customer profile. Receivingelectronic access to the customer profile is in response to receivingthe identification confirmation.

In one embodiment, the customer service representative establishes thetelephonic connection and receives the identifier through a displayinterface of a customer service application running on a computeraccessible to the customer service representative and the applicationreceives electronic access to the customer profile and accesses thecustomer profile to transmit information from the customer profile. Theapplication utilizes the information from the customer profile withoutdisplaying the information from the customer profile to the customerservice representative.

In another embodiment, the method includes limiting informationtransmitted from the customer profile to information relevant tobusiness interactions between the customer and the company and excludestransmitting of information in the customer profile that is not relevantto business interactions between the customer and the company. Inanother embodiment, information passed among the company, the customer,and third-parties comprises one or more tokens, where the identifierand/or the information from the customer profile are transmitted usingone or more tokens.

An apparatus for a customer to confirm identification includes acommunications module that establishes a telephonic connection between acustomer service representative of a company and a customer through anelectronic device of a customer. The apparatus includes, in oneembodiment, an identification send module that sends an identifier,where the identifier alerts the customer service representative and/or acomputer system of the company that the customer has a customer profile.The customer profile includes information to identify the customer andthe identifier is received in conjunction with the telephonicconnection. The customer profile is stored previous to the telephonicconnection.

The apparatus, in one embodiment, includes an ID request receiver modulethat receives a request from the customer service representative and/orthe computer system of the company to provide identifying informationvia the electronic device of the customer and that displays the requestto the customer via the electronic device. The apparatus, in oneembodiment, includes an ID input module that receives the identifyinginformation through the electronic device from the customer using anelectronic, non-verbal technique. The apparatus includes, in oneembodiment, an ID comparison module that compares the identifyinginformation input by the customer with the information to identify thecustomer in the customer profile, and an ID confirmation transmit modulethat transmits an identification confirmation to the computer system ofthe company in response to the identifying information input by thecustomer matching the information to identify the customer in thecustomer profile.

In one embodiment, the apparatus includes a profile permission transmitmodule that provides electronic access to the customer profile. Thecustomer profile includes personal information of the customer and thecustomer profile is stored electronically in a computer system externalto a computer system available to the company and to the customerservice representative. The profile permission transmit module provideselectronic access to the customer profile after the ID confirmationtransmit module transmits the identification confirmation. The computersystem of the company accesses the customer profile to transmitinformation from the customer profile to the computer system of thecompany over a network and the transmitted information of the customerprofile is unavailable for viewing by the customer servicerepresentative.

In one embodiment, the apparatus includes an information limit modulethat limits which information in the customer profile is accessible bythe computer system of the company. In a further embodiment, theinformation limit module receives, from the customer, selections ofwhich information in the customer profile is accessible by the computersystem of the company. In another embodiment, the identifyinginformation stored in the customer profile includes a password andbiometric information and the identifying information input by thecustomer is input through the electronic device using a camera of theelectronic device, a biometric reader of the electronic device, and/or akeyboard of the electronic device.

In one embodiment, the customer profile is stored via a server separatefrom the electronic device of the customer and the computer system ofthe company and the server sends the identification confirmation to thecomputer system of the customer service representative. In anotherembodiment, at least a portion of the modules include at least a part ofan application running on the electronic device of the customer. Inanother embodiment, the apparatus includes a registration module thatreceives and stores information in the customer profile of the customer.The registration module receives and stores the information in thecustomer profile in a transaction unrelated to the telephonicconnection. In another embodiment, information passed among the company,the customer, and third-parties includes one or more tokens, where theidentifier and/or the information from the customer profile aretransmitted using one or more tokens. In one embodiment, at least aportion of the identifying information input by the customer through theelectronic device is masked from the customer service representative.

A method for a customer to confirm identification includes establishinga telephonic connection between a customer service representative of acompany and a customer through an electronic device of the customer andsending an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile. The customer profile includes information toidentify the customer and the identifier is received in conjunction withthe telephonic connection. The customer profile is stored previous tothe telephonic connection. The method, in one embodiment, includesreceiving a request from the customer service representative and/or thecomputer system of the company to provide identifying information viathe electronic device of the customer and displaying the request to thecustomer via the electronic device. The method, in one embodiment,includes receiving the identifying information through the electronicdevice from the customer using an electronic, non-verbal technique,comparing the identifying information input by the customer with theinformation to identify the customer in the customer profile, andtransmitting an identification confirmation to the computer system ofthe company in response to the identifying information input by thecustomer matching the information to identify the customer in thecustomer profile.

In one embodiment, the method includes providing electronic access tothe customer profile, where the customer profile includes personalinformation of the customer. The customer profile is storedelectronically in a computer system external to a computer systemavailable to the company and to the customer service representative,where providing electronic access to the customer profile is in responseto transmitting the identification confirmation. The computer system ofthe company accesses the customer profile to transmit information fromthe customer profile to the computer system of the company over anetwork and the transmitted information of the customer profile isunavailable for viewing by the customer service representative.

In one embodiment, the method includes limiting which information in thecustomer profile is accessible by the computer system of the company. Ina further embodiment, the method includes receiving, from the customer,selections of which information in the customer profile is accessible bythe computer system of the company. In one embodiment, the methodincludes receiving and storing information in the customer profile ofthe customer in a transaction unrelated to the telephonic connection.

An apparatus for a customer to control transmission of sensitiveinformation includes a communications module that establishes atelephonic connection between a customer service representative of acompany and a customer through an electronic device of a customer and anidentification send module that sends an identifier. The identifieralerts the customer service representative and/or a computer system ofthe company that the customer has a customer profile. The customerprofile includes information to identify the customer and the identifieris received in conjunction with the telephonic connection. The customerprofile is stored previous to the telephonic connection. The apparatusincludes a profile permission transmit module that provides electronicaccess to the customer profile. The customer profile includes personalinformation of the customer. The customer profile is storedelectronically in a computer system external to a computer systemavailable to the company and to the customer service representative. Thecomputer system of the company accesses the customer profile to transmitinformation from the customer profile to the computer system of thecompany over a network. The transmitted information of the customerprofile is unavailable for viewing by the customer servicerepresentative.

In one embodiment, the apparatus includes an ID request receiver modulethat receives a request from the customer service representative and/orthe computer system of the company to provide identifying informationvia the electronic device of the customer and that displays the requestto the customer via the electronic device, and an ID input module thatreceives the identifying information through the electronic device fromthe customer using an electronic, non-verbal technique. In theembodiment, the apparatus includes an ID comparison module that comparesthe identifying information input by the customer with the informationto identify the customer in the customer profile, and an ID confirmationtransmit module that transmits an identification confirmation to thecomputer system of the company in response to the identifyinginformation input by the customer matching the information to identifythe customer in the customer profile. The profile permission transmitmodule provides electronic access to the customer profile after the IDconfirmation transmit module transmits the identification confirmation.

In one embodiment, the apparatus includes a profile permission transmitmodule that provides electronic access to the customer profile. Thecustomer profile includes personal information of the customer and thecustomer profile is stored electronically in a computer system externalto a computer system available to the company and to the customerservice representative. The profile permission transmit module provideselectronic access to the customer profile after the ID confirmationtransmit module transmits the identification confirmation. The computersystem of the company accesses the customer profile to transmitinformation from the customer profile to the computer system of thecompany over a network and the transmitted information of the customerprofile is unavailable for viewing by the customer servicerepresentative. In another embodiment, the apparatus includes aninformation limit module that limits which information in the customerprofile is accessible by the computer system of the company. In anotherembodiment, the customer profile is stored via a server separate fromthe electronic device of the customer and the computer system of thecompany and the server sends the identification confirmation to thecomputer system of the customer service representative.

BRIEF DESCRIPTION OF THE DRAWINGS

In order that the advantages of the invention will be readilyunderstood, a more particular description of the invention brieflydescribed above will be rendered by reference to specific embodimentsthat are illustrated in the appended drawings. Understanding that thesedrawings depict only typical embodiments of the invention and are nottherefore to be considered to be limiting of its scope, the inventionwill be described and explained with additional specificity and detailthrough the use of the accompanying drawings, in which:

FIG. 1A is a schematic block diagram illustrating one embodiment of asystem for processing telephone orders;

FIG. 1B is a schematic block diagram illustrating one embodiment of asystem for providing sensitive information while a consumer is connectedvia a telephone;

FIG. 2 is a schematic block diagram illustrating one embodiment of anapparatus for processing telephone orders;

FIG. 3 is a schematic block diagram illustrating another embodiment ofan apparatus for processing telephone orders;

FIG. 4 is a schematic block diagram illustrating one embodiment of anapparatus for placing telephone orders;

FIG. 5 is a schematic block diagram illustrating another embodiment ofan apparatus for placing telephone orders;

FIG. 6 is a schematic flow chart illustrating one embodiment of a methodfor processing telephone orders;

FIG. 7 is a schematic flow chart illustrating another embodiment of amethod for processing telephone orders;

FIG. 8 is a schematic flow chart illustrating one embodiment of a methodfor placing telephone orders;

FIG. 9 is a schematic flow chart illustrating another embodiment of amethod for processing telephone orders;

FIG. 10 is a schematic flow chart illustrating another embodiment of amethod for placing telephone orders with an automated attendant;

FIG. 11 is a schematic block diagram illustrating an embodiment of anapparatus for confirming identification of a customer;

FIG. 12 is a schematic block diagram illustrating an embodiment of anapparatus for receiving sensitive information;

FIG. 13 is a schematic block diagram illustrating an embodiment of anapparatus for confirming identification of a customer and receivingsensitive information;

FIG. 14 is a schematic flow chart illustrating an embodiment of a methodfor confirming identification of a customer;

FIG. 15 is a schematic flow chart illustrating an embodiment of a methodfor receiving sensitive information;

FIG. 16 is a schematic flow chart illustrating an embodiment of a methodfor confirming identification of a customer and receiving sensitiveinformation;

FIG. 17 is a schematic block diagram illustrating an embodiment of anapparatus for a customer to confirm identification;

FIG. 18 is a schematic block diagram illustrating an embodiment of anapparatus for a customer to control transmission of sensitiveinformation;

FIG. 19 is a schematic block diagram illustrating an embodiment of anapparatus for a customer to confirm identification and to controltransmission of sensitive information;

FIG. 20 is a schematic flow chart illustrating an embodiment of a methodfor a customer to confirm identification; and

FIG. 21 is a schematic flow chart illustrating an embodiment of a methodfor a customer to confirm identification and to control transmission ofsensitive information.

DETAILED DESCRIPTION

Reference throughout this specification to “one embodiment,” “anembodiment,” or similar language means that a particular feature,structure, or characteristic described in connection with the embodimentis included in at least one embodiment. Thus, appearances of the phrases“in one embodiment,” “in an embodiment,” and similar language throughoutthis specification may, but do not necessarily, all refer to the sameembodiment, but mean “one or more but not all embodiments” unlessexpressly specified otherwise. The terms “including,” “comprising,”“having,” and variations thereof mean “including but not limited to”unless expressly specified otherwise. An enumerated listing of itemsdoes not imply that any or all of the items are mutually exclusiveand/or mutually inclusive, unless expressly specified otherwise. Theterms “a,” “an,” and “the” also refer to “one or more” unless expresslyspecified otherwise.

Furthermore, the described features, advantages, and characteristics ofthe embodiments may be combined in any suitable manner. One skilled inthe relevant art will recognize that the embodiments may be practicedwithout one or more of the specific features or advantages of aparticular embodiment. In other instances, additional features andadvantages may be recognized in certain embodiments that may not bepresent in all embodiments.

These features and advantages of the embodiments will become more fullyapparent from the following description and appended claims, or may belearned by the practice of embodiments as set forth hereinafter. As willbe appreciated by one skilled in the art, aspects of the presentinvention may be embodied as a system, method, and/or computer programproduct. Accordingly, aspects of the present invention may take the formof an entirely hardware embodiment, an entirely software embodiment(including firmware, resident software, micro-code, etc.) or anembodiment combining software and hardware aspects that may allgenerally be referred to herein as a “circuit,” “module,” or “system.”Furthermore, aspects of the present invention may take the form of acomputer program product embodied in one or more computer readablemedium(s) having program code embodied thereon.

Many of the functional units described in this specification have beenlabeled as modules, in order to more particularly emphasize theirimplementation independence. For example, a module may be implemented ashardware, such as a hardware circuit comprising custom VLSI circuits orgate arrays, off-the-shelf semiconductors such as logic chips,transistors, or other discrete components. A module may also beimplemented in hardware as programmable hardware devices such as fieldprogrammable gate arrays, programmable array logic, programmable logicdevices or the like.

Modules may also be implemented in software for execution by varioustypes of processors. An identified module of executable code may, forinstance, comprise one or more physical or logical blocks of computerinstructions which may, for instance, be organized as an object,procedure, or function. Nevertheless, the executables of an identifiedmodule need not be physically located together, but may comprisedisparate instructions stored in different locations which, when joinedlogically together, comprise the module and achieve the stated purposefor the module.

Indeed, a module of executable code may be a single instruction, or manyinstructions, and may even be distributed over several different codesegments, among different programs, and across several memory devices.Similarly, operational data may be identified and illustrated hereinwithin modules, and may be embodied in any suitable form and organizedwithin any suitable type of data structure. The operational data may becollected as a single data set, or may be distributed over differentlocations including over different storage devices, and may exist, atleast partially, merely as electronic signals on a system or network.Where a module or portions of a module are implemented in software, theexecutable code may be stored and/or propagated on in one or morecomputer readable medium(s).

The computer readable medium may be a non-transitory, tangible computerreadable storage medium storing the executable code. The computerreadable storage medium may be, for example, but not limited to, anelectronic, magnetic, optical, electromagnetic, infrared, holographic,micromechanical, or semiconductor system, apparatus, or device, or anysuitable combination of the foregoing, excluding transitory signals.

More specific examples of the computer readable storage medium mayinclude but are not limited to a portable computer diskette, a harddisk, a random access memory (RAM), a read-only memory (ROM), anerasable programmable read-only memory (EPROM or Flash memory), aportable compact disc read-only memory (CD-ROM), a digital versatiledisc (DVD), an optical storage device, a magnetic storage device, aholographic storage medium, a micromechanical storage device, or anysuitable combination of the foregoing. In the context of this document,a computer readable storage medium may be any tangible medium that cancontain, and/or store executable code for use by and/or in connectionwith an instruction execution system, apparatus, or device.

The computer readable medium may also be a computer readable signalmedium. A computer readable signal medium may include a propagated datasignal with executable code embodied therein, for example, in basebandor as part of a carrier wave. Such a propagated signal may take any of avariety of forms, including, but not limited to, electrical,electro-magnetic, magnetic, optical, or any suitable combinationthereof. A computer readable signal medium may be any computer readablemedium that is not a computer readable storage medium and that cancommunicate, propagate, or transport executable code for use by or inconnection with an instruction execution system, apparatus, or device.Executable code embodied on a computer readable signal medium may betransmitted using any appropriate medium, including but not limited towire-line, optical fiber, Radio Frequency (RF), or the like, or anysuitable combination of the foregoing.

In one embodiment, the computer readable medium may comprise acombination of one or more computer readable storage mediums and one ormore computer readable signal mediums. For example, executable code maybe both propagated as an electro-magnetic signal through a fiber opticcable for execution by a processor and stored on RAM storage device forexecution by the processor.

Executable code for carrying out operations for aspects of the presentinvention may be written in any combination of one or more programminglanguages, including an object oriented programming language such asJava, Smalltalk, C++, PHP or the like and conventional proceduralprogramming languages, such as the “C” programming language or similarprogramming languages. The executable code may execute entirely on theuser's computer, partly on the user's computer, as a stand-alonesoftware package, partly on the user's computer and partly on a remotecomputer or entirely on the remote computer or server. In the latterscenario, the remote computer may be connected to the user's computerthrough any type of network, including a local area network (LAN) or awide area network (WAN), or the connection may be made to an externalcomputer (for example, through the Internet using an Internet ServiceProvider).

The computer program product may be integrated into a client, server andnetwork environment by providing for the computer program product tocoexist with applications, operating systems and network operatingsystems software and then installing the computer program product on theclients and servers in the environment where the computer programproduct will function.

In one embodiment software is identified on the clients and serversincluding the network operating system where the computer programproduct will be deployed that are required by the computer programproduct or that work in conjunction with the computer program product.This includes the network operating system that is software thatenhances a basic operating system by adding networking features.

Furthermore, the described features, structures, or characteristics ofthe embodiments may be combined in any suitable manner. In the followingdescription, numerous specific details are provided, such as examples ofprogramming, software modules, user selections, network transactions,database queries, database structures, hardware modules, hardwarecircuits, hardware chips, etc., to provide a thorough understanding ofembodiments. One skilled in the relevant art will recognize, however,that embodiments may be practiced without one or more of the specificdetails, or with other methods, components, materials, and so forth. Inother instances, well-known structures, materials, or operations are notshown or described in detail to avoid obscuring aspects of anembodiment.

Aspects of the embodiments are described below with reference toschematic flowchart diagrams and/or schematic block diagrams of methods,apparatuses, systems, and computer program products according toembodiments of the invention. It will be understood that each block ofthe schematic flowchart diagrams and/or schematic block diagrams, andcombinations of blocks in the schematic flowchart diagrams and/orschematic block diagrams, can be implemented by executable code. Theexecutable code may be provided to a processor of a general purposecomputer, special purpose computer, sequencer, or other programmabledata processing apparatus to produce a machine, such that theinstructions, which execute via the processor of the computer or otherprogrammable data processing apparatus, create means for implementingthe functions/acts specified in the schematic flowchart diagrams and/orschematic block diagrams block or blocks.

The executable code may also be stored in a computer readable mediumthat can direct a computer, other programmable data processingapparatus, or other devices to function in a particular manner, suchthat the instructions stored in the computer readable medium produce anarticle of manufacture including instructions which implement thefunction/act specified in the schematic flowchart diagrams and/orschematic block diagrams block or blocks.

The executable code may also be loaded onto a computer, otherprogrammable data processing apparatus, or other devices to cause aseries of operational steps to be performed on the computer, otherprogrammable apparatus or other devices to produce a computerimplemented process such that the executable code which executed on thecomputer or other programmable apparatus provide processes forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks.

The schematic flowchart diagrams and/or schematic block diagrams in theFigures illustrate the architecture, functionality, and operation ofpossible implementations of apparatuses, systems, methods and computerprogram products according to various embodiments of the presentinvention. In this regard, each block in the schematic flowchartdiagrams and/or schematic block diagrams may represent a module,segment, or portion of code, which comprises one or more executableinstructions of the executable code for implementing the specifiedlogical function(s).

It should also be noted that, in some alternative implementations, thefunctions noted in the block may occur out of the order noted in theFigures. For example, two blocks shown in succession may, in fact, beexecuted substantially concurrently, or the blocks may sometimes beexecuted in the reverse order, depending upon the functionalityinvolved. Other steps and methods may be conceived that are equivalentin function, logic, or effect to one or more blocks, or portionsthereof, of the illustrated Figures.

Although various arrow types and line types may be employed in theflowchart and/or block diagrams, they are understood not to limit thescope of the corresponding embodiments. Indeed, some arrows or otherconnectors may be used to indicate only the logical flow of the depictedembodiment. For instance, an arrow may indicate a waiting or monitoringperiod of unspecified duration between enumerated steps of the depictedembodiment. It will also be noted that each block of the block diagramsand/or flowchart diagrams, and combinations of blocks in the blockdiagrams and/or flowchart diagrams, can be implemented by specialpurpose hardware-based systems that perform the specified functions oracts, or combinations of special purpose hardware and executable code.

The description of elements in each figure may refer to elements ofproceeding figures. Like numbers refer to like elements in all figures,including alternate embodiments of like elements.

This invention provides added security and efficiency in the processingof product orders with the help of customer service representatives. Theinvention encompasses apparatuses and methods that allow a customer toplace a product order over a telephonic connection with a customerservice representative without having to reveal his or her billinginformation, such as credit card or bank account number, to the customerservice representative. With this invention, a customer can use anidentifier to alert the merchant's computer system and the customerservice representative that he or she has a customer billing profilestored at an independent location, such as the customer's electronicdevice or a third party computer system. When making his or herpurchase, the customer can send his or her customer billing profiledirectly to the merchant, give approval for access to his or hercustomer billing profile on another system, or by default, givepermission to send the customer billing profile in response to havingalready given the customer service representative his or her identifierduring a telephonic connection. Throughout the transaction, the customerservice representative cannot see the customer billing profile, whichincreases the security of the orders and a customer's financialinformation.

FIG. 1A is a schematic block diagram illustrating one embodiment of asystem 100 for processing telephone orders. The system 100 includes acomputer 102, an order processing apparatus 104, an electronic device106, an ordering client apparatus 108, a server 110, a customer billingprofile 112, and a network 114, which are described below.

The system 100, in one embodiment, includes a computer 102 with an orderprocessing apparatus 104. The computer 102 may be connected to a display116. The order processing apparatus 104, in one example, receivescustomer data over a network 114 from an electronic device 106. Theelectronic device 106, in one embodiment, includes an ordering clientapparatus 108 to process a purchase order. In one embodiment, the orderprocessing apparatus 104 accesses a customer billing profile 112 on aserver 110 over a network to process a purchase order. The orderprocessing apparatus 104 is described in more detail with respect to theapparatus 200 in FIG. 2 and the apparatus 300 in FIG. 3. The electronicdevice 106, in one embodiment, has an ordering client apparatus 108 andmay be any device capable of sending customer data to a computer 102over a network 114. For example, the electronic device 106 may be alaptop or a desktop computer. In another example, the electronic device106 may be a tablet. Alternatively, the electronic device 106 may be asmartphone. The ordering client apparatus 108 is described in moredetail with respect to the apparatus 400 in FIG. 4 and the apparatus 500in FIG. 5.

The network 114 may include a local area network (“LAN”), a wide areanetwork (“WAN”), wireless network, cellular network, the Internet, afiber optic network, or the like. In one embodiment, the network 114includes multiple networks. For example, the network 114 may include acellular network along with another network capable Internet connection.In another example, the network 114 includes a wireless network alongwith a wired network. The network 114 may include switches, routers,servers, cabling and other equipment known to those in the art. Theserver 110 may be any computer accessible by a computer 102 over anetwork 114, including but not limited to a database server, a mainframeserver, a workstation, a desktop computer, etc.

In one embodiment, a customer billing profile 112 for one or morecustomers is stored on the server 110 before it is accessed by the orderprocessing apparatus 104. The server 110, in one embodiment, is acomputer system external to a computer system available to a merchant,customer service representative of the merchant and/or an automatedattendant of the merchant. In one embodiment, the automated attendant ofthe merchant includes an electronic system that receives voice commandsfrom the customer and/or selections from the customer made by pressingbuttons on an electronic device 106 used by the customer for thetelephonic connection, and the automated attendant responds withautomated voice responses. The automated attendant may allow voicecommands, commands entered by pressing buttons, etc. and may respondwith audible responses. The audible responses are stored electronically.The automated attendant typically includes automated responses ratherthan responses from a live customer service representative, although alive customer service representative may be connected under certaincircumstances, such as the customer having difficulty, a customerpreferring to talk to a customer service representative, a customerdesiring information not available through the automated attendant, etc.

A customer billing profile 112 typically contains billing informationfor a customer. The customer billing profile 112 may include thecustomer's credit card profile, debit card profile, financialinstitution account profile, etc. A credit card profile may includeaccount information for one or more credit cards, where the accountinformation includes information such as the credit card account number,the credit card expiration date, the credit card security code, and thecredit card billing address. A debit card profile may include accountinformation for one or more debit cards (including prepaid debit cards),where the account information may include information such as the debitcard account number, the debit card expiration date, the debit cardsecurity code, and/or the debit card personal identification number(“PIN”). A financial institution may be a bank, a credit union, a trustcompany, etc. A financial institution account profile may includeaccount information for one or more financial institution accounts,where the account information may include the financial institutionaccount number, routing transit number, or other account information.

A customer billing profile 112 may also include additional informationof the customer. For example, the customer billing profile 112 mayinclude a shipping address, a residential address, a business address, aphone number, a fax number, an email address of the customer, purchasehistory, shipping preferences, account information, or other informationthat would be useful in completing a transaction, signing up for aservice or other transaction initiated with a phone call. Throughout thepages of the present disclosure, items, packets, or fields ofinformation about the customer, or any other commands, requests,confirmations, approvals, etc., that are communicated electronicallybetween a customer and a merchant may be encrypted or have othersecurity mechanisms and may be referred to as “tokens.” In oneembodiment, a token may be transmitted via a telephonic connection. Inanother embodiment, a token may be transmitted via a data channel inconjunction with the telephonic connection. A token, in one embodiment,is a non-decryptable piece of data to represent, by reference, sensitiveor secret data. For example, a token may be used to reference personallyidentifiable information of the customer stored on a secure computer andaccessed using the token.

FIG. 1B is a schematic block diagram illustrating one embodiment of asystem 101 for providing sensitive information while a consumer isconnected via a telephone. The system 101, in one embodiment, includes acomputer 102, an electronic device 106, a server 110, a network 114, anda display 116, which are substantially similar to those described abovein relation to the system 100 of FIG. 1A. The system 101, in variousembodiments, may also include a telecommunication apparatus 118 in thecomputer 102, a client apparatus 120 in the electronic device 106, and acustomer profile 122 on the server 110, which are described below.

In one embodiment, the system 101 includes a telecommunication apparatus118 that confirms identification of a customer and/or receives sensitiveinformation from the customer during a telephone connection with thecustomer where the sensitive information is transmitted from thecustomer profile 122 electronically over the network 114. Typically, thesensitive information is received by the telecommunication apparatus 118in such a way that the sensitive information is unavailable to acustomer service representative of a company in telephone communicationwith the customer. In addition, the customer may confirm identificationand an identification confirmation is sent to the telecommunicationapparatus 118 without transmitting sensitive information about thecustomer to the computer 102 or to the customer service representative.The customer service representative may receive notice of theconfirmation of identification and/or that the sensitive information isreceived by the telecommunication apparatus 118.

The client apparatus 120, in one embodiment, inputs identifyinginformation via the electronic device 106 which is compared to storedidentifying information in the customer profile 122 and, in anotherembodiment, initiates transfer of the sensitive information to thetelecommunication apparatus 118, for example by providing approval, bytransmitting the sensitive information, etc. In one embodiment, thecustomer profile 122 is stored on the electronic device 106. Thetelecommunication apparatus 118, the client apparatus 120, and thecustomer profile 122 are described in more detail below.

FIG. 2 is a schematic block diagram illustrating one embodiment of anapparatus 200 for processing telephone orders. The apparatus 200includes one embodiment of an order processing apparatus 104 with acommunications module 202, an identification module 204, a billingprofile access module 206, and a transaction module 208, which aredescribed below.

The communications module 202, in one embodiment, establishes atelephonic connection between a customer service representative of amerchant and a customer or between an automated attendant of a merchantand the customer. The communications module 202 may establish thetelephonic connection in response to a connection request from anelectronic device 106 used by a customer or by sending a connectionrequest to an electronic device 106 used by a customer. In one form, thetelephonic connection is a fixed line connection established over apublic switched telephone network (“PSTN”) and may include a wired phoneor a wireless handset connection to a base. In another form, thetelephonic connection is a wireless connection established over acellular network. In another embodiment, the telephonic connection is aninternet protocol (“IP”) based connection established over IP networkssuch as the Internet or voice-over-IP (“VOIP”). As another example, thetelephonic connection is part of an audiovisual connection establishedover the Internet. The telephonic connection may also be an exchange ofShort Message Service (“SMS”) messages. The telephonic connection may beany connection where a customer may talk to a customer servicerepresentative.

In one embodiment, the identification module 204 receives an identifierfrom an electronic device 106 alerting the customer servicerepresentative, automated attendant and/or a computer system of amerchant that a customer has a customer billing profile 112. In thisembodiment, the customer billing profile 112 was stored previous to theestablishment of the telephonic connection. In one embodiment, theidentifier is in a form that allows a customer to be associated with acustomer billing profile 112. For example, the identifier may be acombination of letters, numbers, or both. In another example, theidentifier may be a picture, photograph, sound, etc. The identifier, inyet another embodiment, may be a hyperlink reference that allows accessto a customer billing profile 112, for example in the form of a token.In one embodiment, the identifier is transmitted over a data channel ofthe telephonic connection. In another embodiment, the identifier istransmitted over a different communication or data channel than thetelephonic connection.

For example, the identifier may be transmitted via an internetconnection on a device separate from the electronic device 106. Inanother embodiment, the identifier may be transmitted via an internetand/or cellular connection to the same electronic device 106 that hasthe telephonic connection. In other words, a customer may use asmartphone to establish both the telephonic connection, forcommunicating orally with a customer service representative orcommunicating with an automated attendant, and a data channel of thetelephonic connection, for transmitting the identifier, customer billingprofile 112, customer approval, etc. using data files, tokens or othermeans known to those of skill in the art. The identification module 204,in another embodiment, transmits the customer billing profile 112 alongwith the identifier. In a further embodiment, the identification module204 notifies the customer service representative or automated attendantof the identifier when the communications module 202 establishes thetelephonic connection between a customer and a customer servicerepresentative or automated attendant. In another embodiment, theidentification module 204 notifies the customer service representativeor automated attendant at a later time or, for example, in response toan inquiry by the customer service representative or automatedattendant. For instance, the customer service representative orautomated attendant may access a service that notifies the customerservice representative or automated attendant that the customer has anidentifier or may transmit a request to the electronic device 106 torequest the identifier and the identification module 204 sends theidentifier in response to the request.

The billing profile access module 206, in one embodiment, receiveselectronic access to a customer billing profile 112. In one embodiment,the billing profile access module 206 receives electronic access to acustomer billing profile 112 by sending at least a portion of theidentifier for a customer to the server 110, which may use theidentifier information to locate the customer billing profile 112associated with the identifier. The identifier may provide access sothat the billing profile access module 206 may read information in thecustomer billing profile 112, may retrieve one or more files from theserver 110 with the customer billing profile 112, the identifier mayinclude a command for the server to send the customer billing profile112, etc. In another embodiment, the billing profile access module 206receives electronic access to the customer billing profile 112 byreceiving the customer billing profile 112. For example, the electronicdevice 106 may send the customer billing profile 112. The electronicdevice 106 may receive the customer billing profile 112 from the server110 or may store the customer billing profile 112. In anotherembodiment, the electronic device 106 sends a request to the server 110to send the customer billing profile 112 to the merchant, customerservice representative, and/or automated attendant. One of skill in theart will recognize other ways that the billing profile access module 206may receive electronic access to the customer billing profile 112.

In another embodiment, the billing profile access module 206 receiveselectronic access to a customer billing profile 112 in response to anaction by the customer that approves sending the customer billingprofile 112 to the billing profile access module 206. The action by thecustomer may be an act by the customer to sending the customer billingprofile 112 during the telephonic connection. In a different embodiment,the action by the customer may be a default setting that providespermission to send the customer billing profile 112 in response to atelephonic connection with a customer service representative orautomated attendant in which the identifier is sent. Furthermore, theaction by the customer may be approving the sales order. The billingprofile access module 206, in one form, receives electronic access to acustomer billing profile 112 by receiving the customer billing profile112 from a third party storing the customer billing profile 112. Inanother form, the billing profile access module 206 receives electronicaccess to the customer billing profile 112 by receiving a location or anaddress (e.g., hyperlink) of the customer billing profile 112. In yetanother form, the billing profile access module 206 receives electronicaccess to the customer billing profile 112 by being granted access toretrieve the customer billing profile 112. In a further form, thebilling profile access module 206 receives the customer billing profile112 from the electronic device 106 that transmits the identifier.

The transaction module 208, in one embodiment, processes a sales orderusing a customer billing profile 112. The sales order may be for one ormore products, services, or a combination of products and servicesoffered by a merchant. In one embodiment, the transaction module 208processes a sales order using a customer billing profile 112 in responseto a customer approval of the sales order. During the processing of thesales order by the transaction module 208, the billing information ofthe customer billing profile 112 is unavailable for viewing by thecustomer sales representative. For example, where the customer istalking with the customer sales representative, the customer billingprofile 112 may be sent electronically so the customer servicerepresentative does not see the customer billing profile 112. Where thecustomer is interfacing with an automated attendant, the customerbilling profile 112 may be transmitted in a form that is not viewable bycustomer sales representatives and other personnel of the merchant. Forexample, the customer sales representative or other personnel would beunable to view a credit card number, credit card expiration date, orcredit card security code. As another example, the customer salesrepresentative or other personnel would be unable to view a financialinstitution account number or routing transit number. Shielding thebilling information of the customer billing profile 112 from the view ofa customer sales representative and other personnel of the merchantenhances security by limiting the number of people who have access tothe billing information.

FIG. 3 is a schematic block diagram illustrating another embodiment ofan apparatus 300 for processing telephone orders. The apparatus 300includes one embodiment of an order processing apparatus 104 with acommunications module 202, an identification module 204, a billingprofile access module 206, a transaction module 208, a confirmationmodule 302, a security module 304, a registration module 306, a customerorder module 308, a transfer module 310, and a data communicationsmodule 312, which are described below.

The communications module 202, identification module 204, billingprofile access module 206, and transaction module 208 in FIG. 3 aresubstantially similar to the modules described above with respect to theapparatus 200 in FIG. 2. The confirmation module 302, in one embodiment,receives a customer approval of the sales order prior to the processingof the order. For example, the confirmation module 302 may transmit anorder approval request to a customer prior to receiving the customerapproval. The order approval request may include information about thesales order, such as a final price of the sales order, a description ofa product or service being purchased, a price of a product or servicebeing purchased, or the quantity of a product or service beingpurchased. In another embodiment, the confirmation module receives anelectronic message containing the customer approval. The customerapproval may take many forms. As an example, the customer approval maybe oral consent received over via a telephonic connection. In anotherexample, the customer approval may be a signature, a password, or apersonal identification number (“PIN”).

The customer approval, in another form, may be a biometric attribute ofthe customer (e.g., fingerprint, palm print, voice or other biometricinformation). The tokens, as briefly described above, may be transmittedfrom the customer to the merchant via a non-telephonic connection, suchas the internet, cellular connection, etc. For example, a customer mayuse a smartphone to establish both the telephonic connection, forcommunicating verbally with a customer service representative, and thenon-telephonic connection, (e.g., cellular connection, internetconnection, etc.) for transmitting the approval and/or other tokens. Inanother example, the customer approval may be a reply to the orderapproval request. The reply may be text, a check box on the orderapproval request, a PIN, etc.

The security module 304 verifies the customer approval of the salesorder by matching the customer approval with a sample previouslyprovided by the customer. For example, the security module 304 mayverify a customer's signature by comparing it to a signature previouslyprovided by the customer and stored on the server 110. In anotherexample, the security module 304 may verify a customer's fingerprint bysending it to the server 110, where it may be compared to a fingerprintpreviously provided by the customer, and receives the result of thecomparison. In this example, by sending the customer approval to theserver 110 for comparison, the comparison may enhance security bylimiting access to an original and authentic customer approvalpreviously provided by the customer.

The registration module 306, in one embodiment, receives and stores acustomer billing profile 112 of a customer. In one embodiment, theregistration module 306 receives and stores a customer billing profile112 in a transaction unrelated to a sales order. For example, theregistration module 306 may receive and store the customer billingprofile 112 while signing the customer up for a service, for example,with a company independent of the merchant of the customer servicerepresentative or automated attendant. In another embodiment, theregistration module 306 operates without the involvement of a merchant.For example, without involvement of a merchant associated with thecustomer service representative. In this embodiment, the merchanttypically has no control over and is independent from the registrationmodule 306 when it receives and stores a customer billing profile 112.

The merchant, in the embodiment, may have no control over the customerbilling profile 112, except for processing the sales order afterreceiving the identifier. The registration module 306, in one form,stores the customer billing profile 112 in a location accessible to theelectronic device 106. For example, the registration module 306 maystore the customer billing profile 112 on a computer 102 or a server 110that may be accessed by the customer service representative, automatedattendant, and/or the computer 102. Once again, any tokens (encrypted orsecure information sent electronically from customer to merchant) may betransmitted via the telephonic connection or a non-telephonicconnection. For example, the registration module 306 may receive tokensof information in order to establish the customer billing profile 112via a non-telephonic connection. The telephonic connection and thenon-telephonic connection, in one embodiment, may be managed by the sameelectronic device 106 (i.e., a smartphone may establish both a telephoneconnection and an internet/data connection).

In one embodiment, the apparatus 300 includes a customer order module308 that receives, through the automated attendant, information toidentify one or more of products and services of the sales order. Forexample, the customer order module 308 may allow a customer to use voicecommands to identify products or services for purchase or may identify apreviously stored order. In another example, the customer order module308 may receive input from the electronic device 106 in the form ofbutton presses, text input, keyboard strokes, etc. In another example,the customer order module 308 may include one or more menus and thecustomer may interface with the menus over the telephonic connection toidentify a product or service to purchase. The customer order module308, in one embodiment, provides audible responses to selections by thecustomer to facilitate navigation of menus, verification of a selectedproduct or service, instructions to the customer, etc. One of skill inthe art will recognize other features of a customer order module 308 toreceive information through the automated attendant to identify aproduct or service to put in the sales order for purchase by thecustomer.

In another embodiment, the apparatus 300 includes a transfer module 310that transfers the telephonic connection to a customer salesrepresentative of the merchant to receive customer billing and shippinginformation in response to establishing the telephonic connection andnot receiving the identifier. For example, the transfer module 310 maybe useful for customers without a customer billing profile 112. Asmentioned above, an automated attendant may have difficulty withaccurately receiving billing and shipping information from a customer.For example, the automated attendant may not be able to discern thedifference between certain names or sounds. For example, the automatedattendant may have difficulty determining that a proper spelling isSteven or Stephen, or determining that a proper spelling is Brian orBryan. Therefore, if no identifier is received, the transfer module 310may transfer the customer to a customer service representative toreceive billing and shipping information.

In another embodiment, the apparatus 300 includes a data communicationsmodule 312 that establishes a data connection, in conjunction with thetelephonic connection, between the merchant and the customer. Forexample, the data connection may be different than the telephonicconnection. In one embodiment, the customer may establish the dataconnection through a computing device and the telephonic connectionthrough a telephone. In another embodiment, the data connection and thetelephonic connection are established using a single electronic device106 of the customer. For example, the electronic device 106 may be asmartphone that combines voice and data on one cellular connection.

FIG. 4 is a schematic block diagram illustrating one embodiment of anapparatus 400 for placing telephone orders. The apparatus 400 includesone embodiment of an ordering client apparatus 108 with a registrationmodule 402, a phone connection module 404, an identifier module 406, abilling profile module 408, and a sales identifier module 410, which aredescribed below.

In one embodiment, the registration module 402 in FIG. 4 issubstantially similar to the registration module 306 in FIG. 3. Inanother embodiment, the registration module 402 creates and stores acustomer billing profile 112 of a customer. The registration module 402,in an embodiment, creates and stores a customer billing profile 112 onthe electronic device 106. In a further embodiment, the registrationmodule 402 creates and stores a customer billing profile 112 in alocation accessible to the electronic device 106. For example, theregistration module 402 may create and store the customer billingprofile 112 on a computer or a server 110.

The registration module 402, in one embodiment, is web-based. In anotherembodiment, the registration module 402 allows a third party, such as arepresentative of a company that stores customer billing profiles 112 toreceive information over the phone from the customer and to enter thecustomer billing profile 112. The company may be a company thatestablishes a service with merchants for providing services or systemsin conjunction with the embodiments described herein. Customers and/ormerchants may desire such a service/system for enhanced security, inthat the customer service representative or other employees of merchantsdo not view the sensitive customer billing profile 112 of the customerand sales transactions may take less time than traditional methods wherecustomers relay sensitive financial and personal information over aphone to a customer service representative or automated attendant.

The phone connection module 404, in one embodiment, establishes atelephonic connection between a customer and a merchant customer servicerepresentative. In one embodiment, the phone connection module 404establishes a telephonic connection between an electronic device 106 ofa customer and the customer service representative. In anotherembodiment, the phone connection module 404 establishes a telephonicconnection between an electronic device 106 of a customer and anautomated attendant of a merchant. The telephonic connection issubstantially similar to the telephonic connection previously describedin relation to the apparatuses 200, 300 of FIGS. 2 and 3.

The identifier module 406, in one embodiment, sends an identifier to acustomer service representative or to an automated attendant in responseto the phone connection module 404 establishing a telephonic connectionbetween a customer and the customer service representative or automatedattendant. The identifier links the customer to a customer billingprofile 112. In one embodiment, the identifier module 406 sends theidentifier in a communication channel of the telephonic connection. Inanother embodiment, the identifier module 406 sends the identifier in acommunication channel separate from the telephonic connection. Theidentifier is substantially similar to the identifier described above inrelation to the apparatuses 200, 300 of FIGS. 2 and 3. In oneembodiment, the electronic device 106 can be used to establish thetelephonic connection and send the identifier. For example, theelectronic device 106 may be a smartphone with an application thatenables oral phone calls over the telephonic connection and sendinginformation, for example as tokens, over the data channel connection.Other electronic devices 106, such as a tablet computer, a laptop ordesktop computer, etc. may also be used to make the data channelconnection. In another embodiment, one electronic device 106 establishesthe telephonic connection and another electronic device 106 sends theidentifier. Thus, a customer may be on a telephone in front of acomputer.

The billing profile module 408, in one embodiment, provides the customerservice representative or automated attendant electronic access to thecustomer billing profile 112 of the customer. In one embodiment, thebilling profile module 408 is substantially similar to the billingprofile access module 206 in FIG. 3. In another embodiment, the billingprofile module 408 transmits the customer billing profile 112 of acustomer from the electronic device 106 to the billing profile accessmodule 206 to be accessible to customer service representative. Thecustomer service representative or automated attendant may then use thecustomer billing profile 112 to process the sales order for thecustomer, where the customer billing profile 112 is unavailable forviewing by the customer service representative or other personassociated with the merchant.

In one embodiment, where the customer establishes a connection with anautomated attendant, the apparatus 400 includes a sales identifiermodule 410 that identifies to the automated attendant a product and/or aservice offered by the merchant and desired by the customer for purchaseas part of a sales order. For example, the sales identifier module 410may be integral with the automated attendant and may include menus,instructions, etc. to allow the customer to identify products orservices of the merchant or previously identified and already in a salesorder. For instance the sales identifier module 410 may allow thecustomer to navigate to particular products or services of the merchantor may allow the customer to access a previously stored sales order orpartial sales order. Once the sales identifier module 410 has allowedthe customer to identify goods or services to be part of the salesorder, the billing profile module 408 may then process the sales orderusing the customer billing profile 112. In another embodiment, the salesidentifier module 410 may be used with a customer service representativeto identify products and/or services of the merchant for the salesorder.

FIG. 5 is a schematic block diagram illustrating another embodiment ofan apparatus 500 for placing telephone orders. The apparatus 500includes one embodiment of an ordering client apparatus 108 with aregistration module 402, a phone connection module 404, an identifiermodule 406, a billing profile module 408, a sales identifier module 410,an order information module 502, and an approval module 504, which aredescribed below.

The registration module 402, phone connection module 404, identifiermodule 406, billing profile module 408 and sales identifier module 410in FIG. 5, in one embodiment, are substantially similar to the modulespreviously described with respect to the ordering client apparatus 108of FIG. 4. The order information module 502, in one embodiment, receivessales order information from the customer service representative. Thesales order information may include a description of the order placed bythe customer, or other information related to a sales transaction. Inone form, the sales order information may include a description of aproduct or service being purchased, a price of a product or servicebeing purchased, the quantity of a product or service being purchased,etc. In another embodiment, the order information module 502 mayinteract with the sales identifier module 410 to receive product/servicesales order information or may include functions of the sales identifiermodule 410.

In one embodiment, the approval module 504 sends a customer approval ofa sales order to a customer service representative or to an automatedattendant. The customer approval may take many forms. As an example, thecustomer approval may be verbal consent. In another example, thecustomer approval may be a signature, a password, or a personalidentification number (“PIN”). The customer approval, in another form,may be a biometric attribute of the customer (e.g., fingerprint, palmprint, voice or other biometric information). The customer approval maybe in the form of tokens, as briefly described above, and may betransmitted from the customer to the merchant via a data channelconnection in conjunction with the telephonic connection, such as theinternet, cellular network, etc. For example, a customer may use asmartphone to establish both the telephonic connection, forcommunicating orally with a customer service representative, and thedata channel connection, (e.g., internet connection, cellular network,etc.) for transmitting the approval and/or other tokens. In anotherembodiment, the customer approval may be a reply to the sales orderinformation received by the order information module 502 and/or salesidentifier module 410. The reply may be in the form of text, a checkedcheckbox, a PIN, a digital signature, etc.

In one embodiment, instead of establishing a telephonic connection witha customer service representative, the various modules of the presentdisclosure may establish a telephonic connection with an automatedattendant. In such embodiments, the automated attendant may‘communicate’ orally with the customer and in order receive the varioustokens (e.g., identifier, customer billing profile 112, etc.). Theautomated attendant may incorporate speech recognition software and thusmay communicate with and receive tokens from the customer. However, incertain situations and with certain information, the automated attendantmay struggle to accurately comprehend the oral communication with thecustomer. For example, the automated attendant may struggle toaccurately convert the customer's speech into text. In such situations,the automated attendant may still receive the customer billing profile112 from the customer via a telephonic connection by instructing thecustomer to manually enter any passwords using the key-pad on theirelectronic device 106 or may receive the customer billing profile 112without specific instructions from the customer, such as when thecustomer billing profile 112 is sent or enabled with the identifier.

However, transmitting information by using speech recognition softwareor by requiring the customer to manually enter the tokens using a 10digit key-pad may be inefficient. Accordingly, in certain embodiments,the various modules of the present disclosure also establish a datachannel in conjunction with the telephonic connection. The establishmentof a data channel (e.g., internet) allows customers to easily andefficiently transmit the identifier, the customer billing profile 112,etc., possibly in the form of tokens, to merchants. For example, acustomer may use a single electronic device 106 (e.g. a smartphone) toestablish both the telephonic connection, for communicating orally withan automated attendant, and the data channel of the telephonicconnection, for entering and transmitting the identifier, the customerbilling profile 112, etc. In another embodiment, the customer may usetwo separate devices (e.g., a phone and a computer) to establish boththe telephonic and data channel connections. The data channel connectionmay utilize a mobile application, a website, executable code on acomputer, or other means to allow customers to enter and transmit theidentifier, the customer billing profile 112, etc. to a merchant. Forexample, the various modules of the present disclosure may transmitinformation to the customer via the telephonic connection and thecustomer may transmit information/tokens to the various modules via thedata channel connection.

FIG. 6 is a schematic flow chart illustrating one embodiment of a method600 for processing telephone orders. The method 600 begins andestablishes 602 a telephonic connection between a customer and acustomer service representative of a merchant. In one embodiment, thecommunications module 202 establishes the telephonic connection. Inanother embodiment, the phone connection module 404 establishes thetelephonic connection. The method 600 receives 604 an identifieralerting the customer service representative, automated attendant,and/or a computer system of a merchant that the customer has a customerbilling profile 112. The customer billing profile 112 is storedelectronically on a computer system external to a computer systemavailable to the merchant, automated attendant or the customer servicerepresentative. In one form, the identification module 204 receives theidentifier. The method 600 receives 606 the customer billing profile112. In one form, the customer billing profile 112 is received by thebilling profile access module 206. In another embodiment, the billingprofile module 408 sends the customer billing profile 112. The method600 processes 608 a sales order of the customer using the customerbilling profile 112 and method 600 ends. During method 600, the customerbilling profile 112 is unavailable for viewing by the customer servicerepresentative or person affiliated with the merchant.

FIG. 7 is a schematic flow chart illustrating another embodiment of amethod 700 for processing telephone orders. The method 700 begins andestablishes 702 a telephonic connection between a customer and acustomer representative or automated attendant of a merchant. In oneembodiment, the communications module 202 establishes the telephonicconnection. In another embodiment, the phone connection module 404establishes the telephonic connection. The method 700 determines 704 ifan identifier linking a customer to a customer billing profile 112 hasbeen received. If no identifier for the customer has been received, themethod 700 processes 714 the sales order of a customer manually and themethod 700 ends. In one embodiment where the telephonic connection is toan automated attendant, processing manually may include transferring thecall to a customer service representative, for example using thetransfer module 310. If the method 700 determines 704 that an identifierhas been received, the method 700 sends 706 the sales order informationto the customer. In one embodiment, the identification module 204determines 704 if the identifier has been received.

The method 700 determines 708 whether customer permission has beenreceived. In one form, customer permission may be an action by thecustomer to send the customer billing profile 112 during the telephonicconnection. Customer permission, in another form, can be a defaultsetting that provides permission to send the customer billing profile112 in response to a telephonic connection with a customer servicerepresentative or automated attendant in which the identifier is sent.Another form of customer permission can be a customer approving thesales order. If the method 700 determines 708 that no customerpermission for the sales order has been received, the method 700 ends.If the method 700 determines 708 that a customer permission has beenreceived, the method 700 obtains 710 electronic access to the customerbilling profile 112 linked to the previously received identifier. In oneembodiment, the confirmation module 302 determines 708 if a customerapproval is received. In another embodiment, the billing profile module408 obtains electronic access to the customer billing profile 112. Themethod 700 processes 712 a sales order of the customer using thecustomer billing profile 112 and method 700 ends. During method 700, thecustomer billing profile 112 is unavailable for viewing by the customerservice representative or employee of the merchant.

FIG. 8 is a schematic flow chart illustrating one embodiment of a method800 for placing telephone orders. The method 800 begins and creates andstores 802 a customer billing profile 112. In one embodiment, theregistration module 402 creates and stores 802 the customer billingprofile 112. In another embodiment, the registration module 402 receivesand stores the customer billing profile 112 of the customer in atransaction unrelated to the merchant and/or placing a sales order. Themethod 800 establishes 804 a telephonic connection between a customerand a customer service representative or automated attendant of amerchant. In an embodiment, the phone connection module 404 establishesthe telephonic connection. The method 800 sends 806 electronically anidentifier to the customer service representative, automated attendant,or computer system of the merchant in response to establishing thetelephonic connection, the identifier alerting the customer servicerepresentative, automated attendant and/or the computer system of amerchant that the customer has a customer billing profile 112. In oneembodiment, the identifier module 406 sends the identifierelectronically. The method 800 allows 808 electronic access to thecustomer billing profile 112 for processing a sales order, and method800 ends. In one embodiment, the customer service representativeprocesses a sales order of a customer using the customer billing profile112. During method 800, the customer billing profile 112 is unavailablefor viewing by the customer service representative or person connectedwith the merchant.

FIG. 9 is a schematic flow chart illustrating another embodiment of amethod 900 for processing telephone orders. The method 900 begins andcreates and stores 902 a customer billing profile 112. In oneembodiment, the registration module 402 creates and stores the customerbilling profile 112. The method 900 establishes 904 a telephonicconnection between a customer and a customer service representative orautomated attendant of a merchant. In an embodiment, the phoneconnection module 404 establishes the telephonic connection. The method900 sends 906 electronically an identifier to the customer servicerepresentative or automated attendant in response to establishing thetelephonic connection. The identifier, in one embodiment is a token. Theidentifier alerts the customer service representative, automatedattendant and/or a computer system of a merchant that the customer has acustomer billing profile 112. In one embodiment, the identifier module406 sends the identifier electronically. The method 900 receives 908sales order information from the customer service representative orautomated attendant. In one embodiment, the order information module 502receives the sales order information. The method 900 determines 910whether to approve the sales order. If the method 900 determines 910that the sales order is not approved, the method 900 ends. If the method900 determines 910 that the sales order is approved, the method 900sends 912 the approval to the customer service representative. In oneembodiment, the approval module 504 sends the customer approval. Themethod 900 allows 914 electronic access to the customer billing profile112 linked to the previously sent identifier and method 900 ends. In oneembodiment, the billing profile module 408 allows electronic access tothe customer billing profile 112. During method 900, the customerbilling profile 112 is unavailable for viewing by the customer servicerepresentative or person affiliated with the merchant.

FIG. 10 is a schematic flow chart illustrating another embodiment of amethod 1000 for placing telephone orders with an automated attendant.The method 1000 begins and creates 1002 and stores a customer billingprofile 112. The method 1000 establishes 1004 a telephonic connectionbetween the customer and an automated attendant of a merchant and sends1006 an identifier to the automated attendant and/or computer system ofthe merchant. The method 1000 identifies 1008, to the automatedattendant, products and/or services to be included in a sales order andallows 1010 electronic access to the customer billing profile 112 of thecustomer for processing the sales order, and the method 1000 ends. Inone embodiment, the sales identifier module 410 identifies 1008 to theautomated attendant the products and/or services of the sales order.

FIG. 11 is a schematic block diagram illustrating an embodiment of anapparatus 1100 for confirming identification of a customer. Theapparatus 1100 includes one embodiment of the telecommunicationapparatus 118 that includes a communications module 1102, anidentification module 1104, an ID request module 1106, and an IDconfirmation module 1108, which are described below.

The apparatus 1100, in one embodiment, includes a communications module1102 that establishes a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of the customer. For example, the customer may call the company andthe computer 102 of the company may route the call through thetelecommunication apparatus 118 to the customer service representative.In another embodiment, the customer service representative calls thecustomer through the telecommunication apparatus 118. Typically, thetelecommunication apparatus 118 is part of or includes a telephonesystem used by customer service representatives of a company forcontacting or receiving calls from a customer. The company may be anygroup that requires verification of identity and/or to receive sensitiveinformation from a customer. In one embodiment, the company is amerchant and the communications module 1102 is similar to thecommunications module 202 and the phone connection module 404 describedabove.

The company may be from the banking industry, the financial industry,the medical industry, from the mortgage or loan industry, the autoindustry, from a government entity, a utility, a communications company,an airline, or the like. For example, the company may be an airline andthe customer may be making a reservation and the airline may need toverify identity of the customer. The company may be a merchant and thecustomer may be buying something from the merchant and the merchant maywant to verify the identity of the customer, for example if the customerwas buying a weapon, medication, etc. where verification of the identityof the customer is important. The company may be medical practice and amedical assistant may need to verify the identity of the customer, whichmay be a patient, before disclosing confidential information. Thecompany may be a government agency, such as the Internal RevenueService, and may require verification of identity before proceeding. Oneof skill in the art will recognize other companies that may requireidentification of a customer during a telephone connection anddiscussion with the customer. The company may be an electronics companyand the customer may have purchased a product from the company and maybe seeking warranty service. The company may need to verify identitybefore proceeding with the warranty service.

The customer service representative, in one embodiment, is a person thatworks for the company. In another embodiment, the customer servicerepresentative is an employee that is working on behalf of a companywhere the employer of the customer service representative works for thecompany and acts on behalf of the company. In another embodiment, thecustomer service representative is an automated attendant. The customerservice representative, in one embodiment, is as described above inrelation to the apparatuses 200, 300, 400, 500 of FIGS. 2-5. Oftencustomers are hesitant to provide identifying information to a customerservice representative during a telephone conversation over fears thatthe customer service representative may use the identifying informationin an inappropriate way. The telecommunication apparatus 118 and clientapparatus 120 provide a mechanism for the customer to verify identityduring a phone conversation with a customer service representative of acompany in a way that identifying information and sensitive informationsent to the company are hidden from the customer service representative.In addition, the telecommunication apparatus 118 and client apparatus120 provide a way to shorten the identification process and the processof transferring confidential and sensitive information to the company.

In one embodiment, the apparatus 1100 includes an identification module1104 that receives an identifier. The identifier is received inconjunction with the telephonic connection. The identifier, in oneembodiment, alerts the customer service representative and/or a computersystem of the company that the customer has a customer profile 122. Thecustomer profile 122 includes information to identify the customer andthe customer profile 122 is stored previous to the telephonicconnection. In one example, the identifier is sent in connection withestablishing the telephonic connection. In another example, theidentifier includes a link to the customer profile 122, where the linkis operable to access the customer profile 122. In another example, theidentifier is sent through an action by the customer and through theelectronic device 106. In one embodiment, the action by the customerincludes an action by the customer to transmit the information from thecustomer profile 122 during the telephonic connection. In anotherembodiment, the action by the customer includes a default setting thatprovides permission to transmit the information from the customerprofile 122 in response to establishing the telephonic connection.

The customer profile 122, in one embodiment includes or is the same asthe customer billing profile 112 discussed in relation to theapparatuses 200, 300, 400, 500 of FIGS. 2-5 and may include theinformation of a customer billing profile 112. For example, the customerprofile 122 may include a shipping address, a residential address, abusiness address, a phone number, a fax number, an email address, a dateof birth, a social security number or last four digits of a socialsecurity number, a user name, a preference, a mother's maiden name,passwords, family information, security question information, a driverslicense, and the like. In addition, the customer profile 122 may includehealthcare or medical information, such as a medical history,prescription information, medical records, blood type, and the like, mayinclude financial information, such as account information, loaninformation, credit information, etc. The customer profile 122 mayinclude any information that may be of a sensitive or a personal naturethat a customer may be required to deliver to a company but that thecustomer may not want a customer service representative to view. In oneembodiment, the customer profile 122 includes identifying informationthat may be used to confirm the identity of the customer. For example,the customer profile 122 may include one or more finger prints, retinascans, passwords, a voice print, and the like. The identifyinginformation, in one embodiment, includes information that may becompared to identifying information input by the customer at aparticular time. One of skill in the art will recognize otherinformation that a customer may store in a customer profile 122.

In one embodiment, the apparatus 1100 includes an ID request module 1106that sends a request to the customer to provide identifying informationvia the electronic device 106 of the customer, where the identifyinginformation is input to the electronic device 106 by the customer usingan electronic, non-verbal technique. An electronic, non-verbal techniqueincludes input through a keyboard, biometric scanner, camera, etc. wherethe customer does not verbally speak the identifying information to thecustomer service representative. In one embodiment, the customer profile122 may include a voiceprint and the electronic, non-verbal techniquemay be receiving a voiceprint through the microphone of the electronicdevice 106 where the voiceprint is electronically analyzed and comparedwith the voiceprint stored in the customer profile 122. One of skill inthe art will recognize other ways that a customer may input identifyinginformation through the electronic device 106 without speaking theidentifying information to the customer service representative.

In one embodiment, at least a portion of the identifying informationinput by the customer is masked from the customer servicerepresentative. In another embodiment, some or all of the identifyinginformation is not masked and is passed to the customer servicerepresentative. For example, identifying information, such as a passwordor social security number, may be masked from the customer servicerepresentative while other identifying information, such as a username,may be passed on to the customer service representative.

In one embodiment, the ID request module 1106 receives a verbal promptfrom the customer service representative and relays the verbal prompt asthe request. In another embodiment, the ID request module 1106 sends anelectronic message asking the customer to input the identifyinginformation. For example, the ID request module 1106 may send a messageto the client apparatus 120 to trigger the client apparatus 120 to askthe customer to input the identifying information. The client apparatus120 may display a message on a display, may activate a fingerprintreader and display instructions, may activate a camera for a retina scanand may display instructions for the retina scan, etc.

The request may ask the customer to provide a particular type ofidentifying information or may ask the customer to follow certain steps.In another embodiment, the request may be for more than one type ofidentifying information. For example, the request may be for a passwordalong with a fingerprint scan. In other embodiments, the request may befor other biometric information. In one embodiment, the ID requestmodule 1106 electronically signals the client apparatus 120 and/orelectronic device 106 to trigger a request by the client apparatus 120and/or electronic device 106. In another embodiment, the ID requestmodule 1106 sends a request and the client apparatus 120 and/orelectronic device 120 passes on the request. One of skill in the artwill recognize other forms of a request to the customer to provideidentifying information.

Masking the identifying information from the customer servicerepresentative includes hiding, concealing, etc. the identifyinginformation in a way that the identifying information is unavailable tothe customer service representative. For example, where the identifyinginformation is a fingerprint, the customer may input a fingerprint usinga fingerprint scanner on the electronic device 106 and the customerservice representative does not receive the fingerprint and cannotaccess any fingerprint or other biometric information stored in thecustomer profile 122. In another example, where the identifyinginformation is a password, the customer may input the password on akeypad of the electronic device 106 without the customer servicerepresentative receiving the password or having access to a storedpassword in the customer profile 122. In the case of a voiceprint, thecustomer may say a certain phrase that may be analyzed to identify thecustomer and the customer service representative may not receive audiowhen the customer is repeating the phrase and may not have access tovoice analysis data used to compare to a stored voice print. One ofskill in the art will recognize other techniques for masking orconcealing identifying information from the customer servicerepresentative while being input by the customer or being stored in thecustomer profile 122.

In one embodiment, the apparatus 1100 includes an ID confirmation module1108 that receives an identification confirmation in response to theidentifying information input by the customer matching the informationto identify the customer in the customer profile. The identificationconfirmation does not include the identifying information, but indicatesthe match between the identifying information input by the customer andthe information to identify the customer in the customer profile. In oneembodiment, the client apparatus 120 compares the identifyinginformation input by the customer and the information to identify thecustomer in the customer profile. In another embodiment, a computerexternal to the electronic device 106 compares the identifyinginformation input by the customer and the information to identify thecustomer in the customer profile.

In one embodiment, the device or service that compares the identifyinginformation input by the customer and the information to identify thecustomer in the customer profile and identifies a match is a trustedsource complying with identification requirements of the company. Forexample, verifying a match between the identifying information input bythe customer and the information to identify the customer in thecustomer profile may be part of a service that authenticatesidentification that meets security requirements of the company. Theservice that authenticates identification may comply with governmentstandards, company standards, industry standards, and the like. Theservice that compares the identifying information input by the customerand the information to identify the customer in the customer profile andauthenticates identification of the customer may provide assurances withregard to accuracy or other standards so that the company accepts theidentification confirmation without the customer providing theidentifying information to the customer service representative.

In one embodiment, the customer profile 122 is stored via a server 110separate from the electronic device 106 of the customer and the computersystem (i.e. computer 102) of the company and the server 110 sends theidentification confirmation received by the ID confirmation module 1108.In another embodiment, the customer profile 122 is part of or isaccessible to the electronic device 106 and the electronic device 106sends the identification confirmation.

FIG. 12 is a schematic block diagram illustrating an embodiment of anapparatus 1200 for receiving sensitive information. The apparatus 1200includes another embodiment of the telecommunication apparatus 118 witha communications module 1102 and an identification module 1104 which aresubstantially similar to those described above in relation to theapparatus 1100 of FIG. 11. The apparatus 1200 also includes a profilepermission module 1202 and a profile access module 1204, which aredescribed below.

In one embodiment, the apparatus 1200 includes a profile permissionmodule 1202 that receives electronic access to the customer profile 122.The customer profile 122 includes personal information of the customer,and the customer profile 122 is stored electronically in a computersystem external to a computer system (i.e. computer 102) available tothe company and to the customer service representative. The profilepermission module 1202, in various embodiments, receives electronicaccess to the customer profile 122 by receiving a link to a location ofthe customer profile 122, by receiving a password to access the customerprofile 122, by receiving a token with information about accessing thecustomer profile 122, and the like. The computer system storing thecustomer profile 122 may include a computer external to the electronicdevice 106, such as the server 110 of the system 101 of FIG. 1B, or mayinclude the electronic device 106. In various embodiments, the profilepermission module 1202 is similar to the billing profile access module206 and/or the billing profile module 408 describe above in relation tothe apparatuses 200, 300, 400, 500 of FIGS. 2-5.

The apparatus 1200 includes, in one embodiment, a profile access module1204 that accesses the customer profile 122 to transmit information fromthe customer profile 122 to the computer system of the company over anetwork 114, wherein the transmitted information of the customer profileis unavailable for viewing by the customer service representative. Forexample, the profile access module 1204 may receive and/or transfer theinformation from the customer profile 122 to the computer system of thecompany (i.e. computer 102) without displaying the information from thecustomer profile 122 on a display 116 accessible to the customer servicerepresentative. The computer system of the company may then use theinformation from the customer profile 122 in a way consistent with aneed for receiving the information from the customer profile 122.

For example, where the information is medical information, the computersystem of the company, which may be a HIPAA compliant computer, mayprovide access to the doctor of the customer while blocking access tothe information from a medical assistant calling the customer to get theinformation. In another example, where the customer is seeking anairline reservation and the company is an airline, the profile accessmodule 1204 may access information from the customer profile 122required for a flight, such as date of birth of the customer, anaddress, credit card information, etc. and the profile access module1204 may populate a flight reservation form without a customer servicerepresentative of the airline seeing the information.

In one embodiment, the profile access module 1204 accesses theinformation in the customer profile 122 by downloading the informationfrom the customer profile 122. In another embodiment, the profile accessmodule 1204 accesses the information in the customer profile 122 byreceiving the information after a server 110, electronic device 106,etc. transmits the information from the customer profile 122. In oneembodiment, the profile permission module 1202 receives electronicaccess to the customer profile 122 and the profile access module 1204accesses the customer profile 122 to transmit information from thecustomer profile 122 in one step. For example, the client apparatus 120may send the information from the customer profile 122 where thetelecommunication apparatus 118 both receives electronic access to theinformation and accesses the information from the customer profile 122.

In one embodiment, the profile permission module 1202 receiveselectronic access to the customer profile 122 and the profile accessmodule 1204 accesses the customer profile 122 to transmit informationfrom the customer profile 122 after an action by the customer. Forexample, the customer may press a button on a display of the electronicdevice 106 authorizing access, may enter a code, a fingerprint or otherbiometric information, a retina scan, etc. In another embodiment, theclient apparatus 120 automatically provides permission to access theinformation in the customer profile 122 after an authentication process.

In one embodiment, the customer service representative establishes thetelephonic connection and receives the identifier through a displayinterface of a customer service application running on a computeraccessible to the customer service representative (i.e. computer 102)and where the application receives electronic access to the customerprofile 122 and accesses the customer profile 122 to transmitinformation from the customer profile 122. The application utilizes theinformation from the customer profile 122 without displaying theinformation from the customer profile 122 to the customer servicerepresentative. In one embodiment, the telecommunication apparatus 118includes the application. The telecommunication apparatus 118 differsfrom other systems that independently establish a telephonic connectionand send data by integrating sensitive data transfer with a phone callbetween the customer and the customer service representative in a waythat the sensitive information is masked from the customer servicerepresentative.

FIG. 13 is a schematic block diagram illustrating an embodiment of anapparatus 1300 for confirming identification of a customer and receivingsensitive information. The apparatus 1300 includes an embodiment of thetelecommunication apparatus 118 with a communications module 1102, anidentification module 1104, an ID request module 1106, an IDconfirmation module 1108, a profile permission module 1202, and aprofile access module 1204 which are substantially similar to thosedescribed above in relation to the apparatuses 1100, 1200 of FIGS. 11and 12. In various embodiments, the apparatus 1300 may also include acommunications module 1302, a limit module 1304 in the profile accessmodule 1204, a notification module 1306, and a registration module 1308,which are described below.

In one embodiment, the apparatus 1300 operates to verify the identity ofthe customer, as with the apparatus 1100 of FIG. 11, and receivessensitive information from the customer profile 122 without disclosingthe information to the customer service representative, as with theapparatus 1200 of FIG. 12. Note that the communications module 1102, anidentification module 1104, an ID request module 1106, an IDconfirmation module 1108, a profile permission module 1202, and aprofile access module 1204 operate while the customer is telephonicallyconnected to the customer service representative. In one embodiment, theprofile permission module 1202 receives electronic access to thecustomer profile 122 after the ID confirmation module 1108 receives theidentification confirmation and the profile access module 1204 accessesinformation in the customer profile 122 after the profile permissionmodule 1202 receives electronic access to the customer profile 122.

The apparatus 1300, in one embodiment, includes a communications module1302 that establishes a data connection, in conjunction with thetelephonic connection, between the company and the customer. Forexample, the network 114 may be a cellular network that transmits voiceand data and the electronic device 106 may be capable of datatransmission, running applications, including the client apparatus 120,etc. during a phone call to the customer service representative. Inanother embodiment, the communications module 1302 establishes a dataconnection and the telephonic connection over separate channels,separate communication pathways, etc. In one embodiment, the dataconnection and the telephonic connection are established using theelectronic device 106 of the customer, where the electronic device 106is a single electronic device. In another embodiment, the communicationsmodule 1302 is substantially similar to the data communications module312 of the apparatus 300 of FIG. 3.

In one embodiment, the apparatus 1300 includes a profile access module1204 that includes a limit module 1304 that limits informationtransmitted from the customer profile 122 to information relevant tobusiness interactions between the customer and the company and thatexcludes transmitting of information in the customer profile 122 that isnot relevant to business interactions between the customer and thecompany. For example, the company may be a bank and the limit module1304 may limit the information transmitted from the customer profile 122to customer bank account information, a customer address, a socialsecurity number of the customer, and other information relevant tobanking while excluding transmission of medical information stored inthe customer profile 122. In one embodiment, the telecommunicationapparatus 118 is limited during a setup process to information relevantto the company operating the telecommunication apparatus 118. In otherembodiments, the limit module 1304 limits information based on atransaction type. One of skill in the art will recognize other ways thatthe limit module 1304 may limit information transmitted from thecustomer profile 122 to information relevant to the type of businesstransactions occurring between the customer and the company.

The apparatus 1300, in one embodiment, includes a notification module1306 that notifies the customer service representative that the profileaccess module 1204 has received the information from the customerprofile 122. In another embodiment, the notification module 1306notifies the customer service representative that the ID confirmationmodule 1108 received the identification confirmation. In an embodimentwhere the apparatus includes the modules 1102, 1104, 1106, 1108, 1202,1204 for both verifying identification of the customer and receivingsensitive information, the notification may notify the customer servicerepresentative that the profile access module 1204 has received theinformation from the customer profile 122 and notify the customerservice representative that the ID confirmation module 1108 received theidentification confirmation. Where the notification module 1306 notifiesthe customer service representative that the ID confirmation module 1108received the identification confirmation, the notification to thecustomer service representative and the identification confirmation donot include the identifying information input by the customer or storedin the customer profile 122. Where the notification module 1306 thatnotifies the customer service representative that the profile accessmodule 1204 has received the information from the customer profile 122,the notification does not include the information from the customerprofile 122.

The apparatus 1300, in one embodiment, includes a registration module1308 that receives and stores information in the customer profile 122 ofthe customer. The registration module 1308 receives and stores theinformation in the customer profile 122 in a transaction unrelated tothe telephonic connection. While the registration module 1308 is shownin the telecommunication apparatus 118, the telecommunication apparatus118 may merely facilitate storing information in the customer profile122 without receiving information in the customer profile 122 so thatthe information is transmitted from the customer to the customer profile122 without the information going to or through the computer 102 of thecompany. In other embodiments, the registration module 1308 is locatedin the client apparatus 120, the server 110 or other locationindependent of the computer system (i.e. computer 102) of the company.For example, a group or service provider independent of the company maysolicit customers to store a customer profile 122 and may contract withcompanies to use a service where customers can validate identity withoutsending identifying information to the company and may send sensitiveinformation from the customer profile 122 of the customer to the companywithout a customer service representative viewing the sensitiveinformation.

In one embodiment, information passed among the company, the customer,and third-parties includes one or more tokens, where the identifierand/or the information from the customer profile are transmitted usingone or more tokens. The tokens may be substantially similar to thetokens discussed above in relation to the apparatuses 200, 300, 400, 500of FIGS. 2-5.

FIG. 14 is a schematic flow chart illustrating an embodiment of a method1400 for confirming identification of a customer. The method 1400 beginsand establishes 1402 a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of the customer. In one embodiment, the communications module 1102establishes 1402 the telephonic connection. The method 1400 receives1404 an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile 122. The customer profile 122 includesinformation to identify the customer. The identifier is received inconjunction with the telephonic connection and the customer profile 122stored previous to the telephonic connection. In one embodiment, theidentification module 1104 receives 1404 an identifier.

The method 1400 send 1406 a request to the customer to provideidentifying information via the electronic device 106 of the customer.The identifying information is input through the electronic device 106by the customer using an electronic, non-verbal technique. In anotherembodiment, at least a portion of the identifying input is masked fromthe customer service representative. In one example, the ID requestmodule 1106 sends 1406 a request to the customer to provide identifyinginformation via the electronic device 106. The method 1400 determines1408 if the identifying information input by the customer matches theinformation to identify the customer in the customer profile 122. If themethod 1400 determines 1408 that the identifying information input bythe customer matches the information to identify the customer in thecustomer profile 122, the method 1400 receives 1410 an identificationconfirmation, and the method 1400 ends. If the method 1400 determines1408 that the identifying information input by the customer does notmatch the information to identify the customer in the customer profile122, the method 1400 ends. in one example, the ID confirmation module1108 receives 1410 the identification confirmation.

FIG. 15 is a schematic flow chart illustrating an embodiment of a method1500 for receiving sensitive information. The method 1500 begins andestablishes 1502 a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of the customer. In one embodiment, the communications module 1102establishes 1502 the telephonic connection. The method 1500 receives1504 an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile 122. The customer profile 122 includesinformation to identify the customer. The identifier is received inconjunction with the telephonic connection and the customer profile 122stored previous to the telephonic connection. In one embodiment, theidentification module 1104 receives 1504 an identifier.

The method 1500 receives 1506 electronic access to the customer profile122. The customer profile 122 includes personal information of thecustomer and the customer profile 122 is stored electronically in acomputer system external to a computer system available to the companyand to the customer service representative. In one example, the profilepermission module 1202 receives 1506 electronic access to the customerprofile 122. The method 1500 accesses 1508 the customer profile 122 totransmit information from the customer profile 122 to the computersystem of the company over a network, where the transmitted informationof the customer profile 122 is unavailable for viewing by the customerservice representative, and the method 1500 ends. In one embodiment, theprofile access module 1204 accesses 1508 the customer profile 122.

FIG. 16 is a schematic flow chart illustrating an embodiment of a method1600 for confirming identification of a customer and receiving sensitiveinformation. The method 1600 begins and receives 1602 and storescustomer information in a customer profile 122 of a customer. In oneembodiment, the registration module 1308 receives 1602 and storescustomer information in a customer profile 122. The method 1600establishes 1604 a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of the customer. In one embodiment, the communications module 1102establishes 1604 the telephonic connection. The method 1500 receives1606 an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile 122. The customer profile 122 includesinformation to identify the customer. The identifier is received inconjunction with the telephonic connection and the customer profile 122stored previous to the telephonic connection. In one embodiment, theidentification module 1104 receives 1606 the identifier.

The method 1600 sends 1608 a request to the customer to provideidentifying information via the electronic device 106 of the customer,where the identifying information is input through the electronic device106 by the customer using an electronic, non-verbal technique. In oneembodiment, at least a portion of the identifying information is maskedfrom the customer service representative. The method 1600 determines1610 if the identifying information input by the customer matches theinformation to identify the customer in the customer profile 122. If themethod 1600 determines 1610 that the identifying information input bythe customer does not match the information to identify the customer inthe customer profile 122, the method 1600 receives 1612 anidentification rejection and returns and sends 1608 another request tothe customer to provide identifying information via the electronicdevice 106 of the customer. If the method 1600 determines 1610 that theidentifying information input by the customer matches the information toidentify the customer in the customer profile 122, the method 1600receives 1614 an identification confirmation and notifies 1616 thecustomer service representative of the identification confirmation. Thenotification module 1306 notifies 1616 the customer servicerepresentative.

The method 1600 transmits 1618 a request from the customer servicerepresentative to the customer to provide information from the customerprofile 122. For example, the customer service representative mayrequest the information using the telephonic connection orelectronically through the client apparatus 120. The request may be forspecific information and the customer may authorize specific informationfrom the customer profile 122 to be transmitted. The method 1600receives 1620 electronic access to the customer profile 122, where thecustomer profile includes personal information of the customer. Thecustomer profile 122 is stored electronically in a computer systemexternal to a computer system available to the company and to thecustomer service representative. The method 1600 accesses 1622 thecustomer profile 122 to transmit information from the customer profile122 to the computer system of the company over a network, where thetransmitted information of the customer profile 122 is unavailable forviewing by the customer service representative, the method 1600 notifies1624 the customer service representative that the information from thecustomer profile 122 has been accessed, and the method 1600 ends. In oneembodiment, the notification module 1306 notifies 1624 the customerservice representative.

FIG. 17 is a schematic block diagram illustrating an embodiment of anapparatus 1700 for a customer to confirm identification. The apparatus1700 includes one embodiment of the client apparatus 120 that includes acommunications module 1702, an identification send module 1704, an IDrequest receiver module 1706, an ID input module 1708, an ID comparisonmodule 1710, and an ID confirmation transmit module 1712, which aredescribed below. The client apparatus 120 is shown in the electronicdevice 106 in FIG. 1B, but may be in the server 110 or may be splitbetween the electronic device 106 of the customer and one or more othercomputing devices.

The apparatus 1700, in one embodiment, includes a communications module1702 that a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of a customer. For example, the client apparatus 120 may include anapplication running on the electronic device 106 and the customer mayaccess the application and the communications module 1702 may establishthe telephonic connection. In one embodiment, the communications module1102 of the telecommunication apparatus 118 and the communicationsmodule 1702 of the client apparatus 120 work together to establish thetelephonic connection.

The apparatus 1700, in one embodiment, includes an identification sendmodule 1704 that sends an identifier, where the identifier alerts thecustomer service representative and/or a computer system of the companythat the customer has a customer profile 122. The customer profile 122includes information to identify the customer, and the identifier isreceived in conjunction with the telephonic connection. The customerprofile 122 is stored previous to the telephonic connection. Forexample, the registration module 1308 may be part of the clientapparatus 120 and may be used to receive and store information from thecustomer in the customer profile 122 of the customer.

For example, when a customer calls a company and establishes atelephonic connection with a customer service representative of thecompany, the identification send module 1704 may alert the customerservice representative that the customer has previously stored acustomer profile 122 and is a user of an application that facilitatesidentification of the customer and/or transfer of sensitive informationto the company without the customer service representative viewing thesensitive information. The identification send module 1704 may alert thecustomer service representative so that the customer servicerepresentative handles the call differently than other calls where acustomer does not have a stored customer profile 122. The identificationsend module 1704 may alert the customer service representative at thebeginning of the telephonic connection or at a time chosen by thecustomer.

The apparatus 1700 includes, in one embodiment, an ID request receivermodule 1706 that receives a request from the customer servicerepresentative and/or the computer system of the company to provideidentifying information via the electronic device 106 of the customerand that displays the request to the customer via the electronic device106. For example, during a telephone communication between the customerand the customer service representative, the customer may need to verifythe customer's identity for some reason. For example, the customerservice representative may require confirmation of identity of thecustomer before providing information to the customer. The request, inone embodiment, is an electronic request initiated by the customerservice representative or by the telecommunications apparatus 118 thatarrives through the electronic device 106.

The apparatus 1700, in one example, includes an ID input module 1708that receives through the electronic device 106 the identifyinginformation from the customer using an electronic, non-verbal technique.In one embodiment, at least a portion of the identifying information ismasked from the customer service representative. For example, the IDinput module 1708 may receive the identifying information through afingerprint reader or other biometric reader, a camera performing aretina scan on the customer, entry of a password by the customer via akeyboard of the electronic device 106, etc. In each instance, the inputof the customer of the identifying information may be masked from thecustomer service representative.

The apparatus 1700, in one embodiment, includes an ID comparison module1710 that compares the identifying information input by the customerwith the information to identify the customer in the customer profile122. For example, if the customer previously stored a fingerprint of theright index finger in the customer profile, the ID comparison module1710 compares input from a fingerprint reader on the electronic device106 or connected to the electronic device 106. The ID comparison module1710 compares the type of information input by the customer with similarinformation stored in the customer profile 122. In one embodiment, thecustomer profile 122 is secure to prevent tampering by unauthorizedindividuals so that the comparison of the ID comparison module 1710 hasa high degree of accuracy in verifying the identity of the customer.

The apparatus 1700, in one embodiment, includes an ID confirmationtransmit module 1712 that transmits an identification confirmation tothe computer system of the company in response to the identifyinginformation input by the customer matching the information to identifythe customer in the customer profile 122. In another embodiment, the IDconfirmation transmit module 1712 transmits an identification rejectionwhere the identifying information input by the user does not match theinformation in the customer profile 122. The identification confirmationdoes not include the identifying information input by the customer orstored in the customer profile 122, which facilitates verification ofidentity of the customer without exposing the customer servicerepresentative to the identifying information.

FIG. 18 is a schematic block diagram illustrating an embodiment of anapparatus 1800 for a customer to control transmission of sensitiveinformation. The apparatus 1800 includes one embodiment of a clientapparatus 120 with a communications module 1702, and an identificationsend module 1704, which are substantially similar to those describedabove in relation to the apparatus 1700 of FIG. 17. The apparatus 1800also includes a profile permission transmit module 1802, which isdescribed below.

The apparatus 1900, in one embodiment, includes a profile permissiontransmit module 1802 that provides electronic access to the customerprofile 122. The customer profile 122 includes personal information ofthe customer and the customer profile 122 is stored electronically in acomputer system external to a computer system available to the companyand to the customer service representative. The profile permissiontransmit module 1802, in one embodiment, provides electronic access tothe customer profile 122 after a verification process. In anotherembodiment, the profile permission transmit module 1802 provideselectronic access to the customer profile 122 without verifyingidentification of the customer.

In one embodiment, the profile permission transmit module 1802 providesaccess to the information in the customer profile 122 after a requestfor information from the telecommunications apparatus 118, the computingsystem of the company, or the customer service representative. Inanother embodiment, the computer system of the company accesses thecustomer profile 122 to transmit information from the customer profile122 to the computer system of the company over a network, where thetransmitted information of the customer profile 122 is unavailable forviewing by the customer service representative.

FIG. 19 is a schematic block diagram illustrating an embodiment of anapparatus 1900 for a customer to confirm identification and to controltransmission of sensitive information. The apparatus 1900 includesanother embodiment of the client apparatus 120 with a communicationsmodule 1702, an identification send module 1704, an ID request receivermodule 1706, an ID input module 1708, an ID comparison module 1710, andan ID confirmation transmit module 1712, which are substantially similarto those describe above in relation to the apparatus 1700 of FIG. 17 anda profile permission transmit module 1802, which is substantiallysimilar to that describe above in relation to the apparatus 1800 of FIG.18. The apparatus 1900, in various embodiments, includes an informationlimit module 1902, and a registration module 1904, which are describedbelow.

In one embodiment, the apparatus 1900 includes an information limitmodule 1902 that limits which information in the customer profile 122 isaccessible by the computer system of the company. For example, theinformation limit module 1902 may detect a company type and may makeavailable only information pertaining to the business transactions ofthe company. In another embodiment, the information limit module 1902receives, from the customer, selections of which information in thecustomer profile 122 is accessible by the computer system of thecompany. For example, where the company is a healthcare provider, theinformation limit module 1902 may receive input from the customer tolimit information made accessible to the company to only medicalinformation. One of skill in the art will recognize other ways to limitwhich information in a customer profile 122 is accessible to a company.

The apparatus 1900, in one embodiment, includes a registration module1904 that receives and stores information in the customer profile 122 ofthe customer. The registration module 1904 receives and stores theinformation in the customer profile 122 in a transaction unrelated tothe telephonic connection. For example, the customer may store personalinformation in the customer profile 122 to be used with variouscompanies such as medical professionals, airlines, financialinstitutions, vendors, merchants, government institutions, etc. beforethe information is accessed by the companies.

FIG. 20 is a schematic flow chart illustrating an embodiment of a method2000 for a customer to confirm identification. The method 2000 beginsand establishes 2002 a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic device106 of the customer. The communications module 1702 may establish 2002the telephonic connection, in one embodiment. The method 2000 sends 2004an identifier, where the identifier alerts the customer servicerepresentative and/or a computer system of the company that the customerhas a customer profile 122. The customer profile 122 includesinformation to identify the customer and the identifier is received inconjunction with the telephonic connection. The customer profile 122 isstored previous to the telephonic connection. In one embodiment, theidentification send module 1704 sends 2004 the identifier.

The method 2000 receives 2006 a request from the customer servicerepresentative to provide identifying information via the electronicdevice 106 of the customer and displays 2008 the request to the customervia the electronic device 106. The ID request receiver module 1706, inone embodiment, receives 2006 the request and displays 2008 the requeston the electronic device 106. The method 2000 receives 2010 theidentifying information through the electronic device 106 from thecustomer using an electronic, non-verbal technique. The identifyinginformation may be masked from the customer service representative. Forexample, the ID input module 1708 may receive 2010 the identifyinginformation from the customer.

The method 2000 compares 2012 the identifying information input by thecustomer with the information to identify the customer in the customerprofile 122. In one example, the ID comparison module 1710 compares 2012the identifying information input by the customer with the informationto identify the customer in the customer profile 122. The method 2000determines 2014 if the identifying information input by the customermatches the information to identify the customer in the customer profile122. If the method 2000 determines 2014 that the identifying informationinput by the customer does not match the information to identify thecustomer in the customer profile 122, the method 2000 transmits 2016 anidentification rejection to the computer system of the company and/or tothe customer service representative, and the method 2000 returns andreceives 2006 a request for the user to input identifying information.If the method 2000 determines 2014 that the identifying informationinput by the customer matches the information to identify the customerin the customer profile 122, the method 2000 transmits an identificationconfirmation to the computer system of the company, and the method 2000ends. The ID confirmation transmit module 1712 may determine 2014 if theidentifying information input by the customer matches the information toidentify the customer in the customer profile 122, may transmit 2016 theidentification rejection, and may transmit 2018 the identificationconfirmation.

FIG. 21 is a schematic flow chart illustrating an embodiment of a method2100 for a customer to confirm identification and to controltransmission of sensitive information. The method 2100 begins andreceives 2102 and stores information in the customer profile 122 of thecustomer. The registration module 1904, in one embodiment, receives 2102and stores information in the customer profile 122 of the customer. Themethod 2100 establishes 2104 a telephonic connection between a customerservice representative of a company and a customer through an electronicdevice 106 of the customer. The method 2100 sends 2106 an identifier,where the identifier alerts the customer service representative and/or acomputer system of the company that the customer has a customer profile122. The customer profile 122 includes information to identify thecustomer and the identifier is received in conjunction with thetelephonic connection. The customer profile 122 is stored previous tothe telephonic connection.

The method 2100 receives 2108 a request from the customer servicerepresentative and/or computer system of the company to provideidentifying information via the electronic device 106 of the customerand displays 2110 the request to the customer via the electronic device106. The method 2100 receives 2112 identifying information from thecustomer using an electronic, non-verbal technique. The identifyinginformation may be masked from the customer service representative.

The method 2100 compares 2114 the identifying information input by thecustomer with the information to identify the customer in the customerprofile 122. The method 2100 determines 2116 if the identifyinginformation input by the customer matches the information to identifythe customer in the customer profile 122. If the method 2100 determines2116 that the identifying information input by the customer does notmatch the information to identify the customer in the customer profile122, the method 2100 transmits 2118 an identification rejection to thecomputer system of the company and/or to the customer servicerepresentative, and the method 2100 returns and receives 2108 a requestfor the user to input identifying information.

If the method 2100 determines 2116 that the identifying informationinput by the customer matches the information to identify the customerin the customer profile 122, the method 2100 transmits 2120 anidentification confirmation to the computer system of the company. Themethod 2100 limits 2122 which information in the customer profile 122 isaccessible by the computer system of the company. In one embodiment, themethod 2100 receives, from the customer, selections of which informationin the customer profile 122 is accessible by the computer system of thecompany. In one embodiment, the information limit module 1902 limits2122 which information in the customer profile 122 is accessible by thecomputer system of the company. The method 2100 provides 2124 electronicaccess to the customer profile 122, and the method 2100 ends. Thecustomer profile 122 includes personal information of the customer andthe customer profile 122 is stored electronically in a computer systemexternal to a computer system available to the company and to thecustomer service representative. In one example, the profile permissiontransmit module 1802 provides 2124 electronic access to the customerprofile 122.

The present invention may be embodied in other specific forms withoutdeparting from its spirit or essential characteristics. The describedembodiments are to be considered in all respects only as illustrativeand not restrictive. The scope of the invention is, therefore, indicatedby the appended claims rather than by the foregoing description. Allchanges which come within the meaning and range of equivalency of theclaims are to be embraced within their scope.

What is claimed is:
 1. An apparatus comprising: a communications modulethat establishes a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic deviceof the customer; an identification module that receives an identifier,the identifier alerting one or more of the customer servicerepresentative and a computer system of the company that the customerhas a customer profile, the customer profile comprising information toidentify the customer, the identifier received in conjunction with thetelephonic connection, the customer profile stored previous to thetelephonic connection; an ID request module that sends a request to thecustomer to provide identifying information via the electronic device ofthe customer, wherein the identifying information is input to theelectronic device by the customer using an electronic, non-verbaltechnique; and an ID confirmation module that receives an identificationconfirmation in response to the identifying information input by thecustomer matching the information to identify the customer in thecustomer profile, wherein at least a portion of said modules compriseone or more of hardware and executable code, the executable code storedon one or more non-transitory, tangible computer readable storage media.2. The apparatus of claim 1, further comprising: a profile permissionmodule that receives electronic access to the customer profile, thecustomer profile comprising personal information of the customer, thecustomer profile stored electronically in a computer system external toa computer system available to the company and to the customer servicerepresentative, wherein the profile permission module receiveselectronic access to the customer profile after the ID confirmationmodule receives the identification confirmation; and a profile accessmodule that accesses the customer profile to transmit information fromthe customer profile to the computer system of the company over acomputer network, wherein the transmitted information of the customerprofile is unavailable for viewing by the customer servicerepresentative.
 3. The apparatus of claim 1, wherein at least a portionof the identifying information input by the customer through theelectronic device is masked from the customer service representative. 4.The apparatus of claim 1, further comprising a communications modulethat establishes a data connection, in conjunction with the telephonicconnection, between the company and the customer.
 5. The apparatus ofclaim 1, wherein the identifying information stored in the customerprofile comprises one or more of a password and biometric informationand wherein the identifying information input by the customer is inputthrough the electronic device using one or more of a camera of theelectronic device, a biometric reader of the electronic device, and akeyboard of the electronic device.
 6. The apparatus of claim 1, whereinthe customer profile is stored via a server separate from the electronicdevice of the customer and the computer system of the company andwherein the server sends the identification confirmation received by theID confirmation module.
 7. The apparatus of claim 1, wherein the IDrequest module sends the request to the customer to provide theidentifying information by one or more of: sending an electronic messageto the electronic device; and transmitting a voice prompt of thecustomer service representative.
 8. The apparatus of claim 1, furthercomprising a notification module that notifies the customer servicerepresentative that the ID confirmation module received theidentification confirmation.
 9. The apparatus of claim 1, furthercomprising a registration module that receives and stores information inthe customer profile of the customer, the registration module receivingand storing the information in the customer profile in a transactionunrelated to the telephonic connection.
 10. The apparatus of claim 1,wherein the customer profile of the customer comprises one or more of ashipping address, a residential address, a business address, a phonenumber, a fax number, an email address, a birth date, a social securitynumber, healthcare information, a finger print, a retina scan, apassword, a user name, a preference, family information, securityquestion information and financial information of the customer.
 11. Anapparatus comprising: a communications module that establishes atelephonic connection between a customer service representative of acompany and a customer through an electronic device of the customer; anidentification module that receives an identifier, the identifieralerting one or more of the customer service representative and acomputer system of the company that the customer has a customer profile,the identifier received in conjunction with the telephonic connection,the customer profile stored previous to the telephonic connection; aprofile permission module that receives electronic access to thecustomer profile, the customer profile comprising personal informationof the customer, the customer profile stored electronically in acomputer system external to a computer system available to the companyand to the customer service representative; and a profile access modulethat accesses the customer profile to transmit information from thecustomer profile to the computer system of the company over a network,wherein the transmitted information of the customer profile isunavailable for viewing by the customer service representative, whereinat least a portion of said modules comprise one or more of hardware andexecutable code, the executable code stored on one or morenon-transitory, tangible computer readable storage media.
 12. Theapparatus of claim 11, wherein the customer profile comprisinginformation to identify the customer and further comprising: an IDrequest module that sends a request to the customer to provideidentifying information via the electronic device of the customer,wherein the identifying information is input to the electronic device bythe customer using an electronic, non-verbal technique; and an IDconfirmation module that receives an identification confirmation inresponse to the identifying information input by the customer matchingthe information to identify the customer in the customer profile,wherein the profile permission module receives electronic access to thecustomer profile after the ID confirmation module receives theidentification confirmation.
 13. The apparatus of claim 11, wherein thecustomer service representative establishes the telephonic connectionand receives the identifier through a display interface of a customerservice application running on a computer accessible to the customerservice representative and wherein the application receives electronicaccess to the customer profile and accesses the customer profile totransmit information from the customer profile, wherein the applicationutilizes the information from the customer profile without displayingthe information from the customer profile to the customer servicerepresentative.
 14. The apparatus of claim 11, wherein the profileaccess module further comprises a limit module that limits informationtransmitted from the customer profile to information relevant tobusiness interactions between the customer and the company and thatexcludes transmitting of information in the customer profile that is notrelevant to business interactions between the customer and the company.15. The apparatus of claim 11, further comprising a notification modulethat notifies the customer service representative that the profileaccess module has received the information from the customer profile.16. The apparatus of claim 11, wherein information from the customerprofile is received in response to an action by the customer, the actionapproving transmitting information from the customer profile to thecomputer system of the company.
 17. The apparatus of claim 11, furthercomprising a communications module that establishes a data connection,in conjunction with the telephonic connection, between the company andthe customer.
 18. The apparatus of claim 11, further comprising aregistration module that receives and stores information in the customerprofile of the customer, the registration module receiving and storingthe information in the customer profile in a transaction unrelated tothe telephonic connection.
 19. The apparatus of claim 11, whereininformation passed among the company, the customer, and third-partiescomprises one or more tokens, wherein one or more of the identifier andthe information from the customer profile are transmitted using one ormore tokens.
 20. The apparatus of claim 11, wherein the customer profileof the customer comprises one or more of a shipping address, aresidential address, a business address, a phone number, a fax number,an email address, a birth date, a social security number, healthcareinformation, a finger print, a retina scan, a password, a user name, apreference, family information, security question information andfinancial information of the customer.
 21. A method comprising:establishing a telephonic connection between a customer servicerepresentative of a company and a customer through an electronic deviceof the customer; receiving an identifier, the identifier alerting one ormore of the customer service representative and a computer system of thecompany that the customer has a customer profile, the customer profilecomprising information to identify the customer, the identifier receivedin conjunction with the telephonic connection, the customer profilestored previous to the telephonic connection; sending a request to thecustomer to provide identifying information via the electronic device ofthe customer, wherein the identifying information is input to theelectronic device by the customer using an electronic, non-verbaltechnique; and receiving an identification confirmation in response tothe identifying information input by the customer matching theinformation to identify the customer in the customer profile.
 22. Themethod of claim 21, further comprising: receiving electronic access tothe customer profile, the customer profile comprising personalinformation of the customer, the customer profile stored electronicallyin a computer system external to a computer system available to thecompany and to the customer service representative, wherein receivingelectronic access to the customer profile is in response to receivingthe identification confirmation; and accessing the customer profile totransmit information from the customer profile to the computer system ofthe company over a network, wherein the transmitted information of thecustomer profile is unavailable for viewing by the customer servicerepresentative.
 23. The method of claim 21, wherein the identifyinginformation stored in the customer profile comprises one or more of apassword and biometric information and wherein the identifyinginformation input by the customer is input through the electronic deviceusing one or more of a camera of the electronic device, a biometricreader of the electronic device, and a keyboard of the electronicdevice.
 24. The method of claim 21, further comprising notifying thecustomer service representative that the identification confirmation wasreceived.
 25. The method of claim 21, further comprising receiving andstoring information in the customer profile of the customer, whereinreceiving and storing the information in the customer profile comprisesin a transaction unrelated to the telephonic connection.
 26. A methodcomprising: establishing a telephonic connection between a customerservice representative of a company and a customer through an electronicdevice of the customer; receiving an identifier, the identifier alertingone or more of the customer service representative and a computer systemof the company that the customer has a customer profile, the identifierreceived in conjunction with the telephonic connection, the customerprofile stored previous to the telephonic connection; receivingelectronic access to the customer profile, the customer profilecomprising personal information of the customer, the customer profilestored electronically in a computer system external to a computer systemavailable to the company and to the customer service representative; andaccessing the customer profile to transmit information from the customerprofile to the computer system of the company over a network, whereinthe transmitted information of the customer profile is unavailable forviewing by the customer service representative.
 27. The method of claim26, wherein the customer profile comprising information to identify thecustomer and further comprising: sending a request to the customer toprovide identifying information via the electronic device of thecustomer, wherein the identifying information is input to the electronicdevice by the customer using an electronic, non-verbal technique; andreceiving an identification confirmation in response to the identifyinginformation input by the customer matching the information to identifythe customer in the customer profile, wherein receiving electronicaccess to the customer profile is in response to receiving theidentification confirmation.
 28. The method of claim 26, wherein thecustomer service representative establishes the telephonic connectionand receives the identifier through a display interface of a customerservice application running on a computer accessible to the customerservice representative and wherein the application receives electronicaccess to the customer profile and accesses the customer profile totransmit information from the customer profile, wherein the applicationutilizes the information from the customer profile without displayingthe information from the customer profile to the customer servicerepresentative.
 29. The method of claim 26, further comprising limitinginformation transmitted from the customer profile to informationrelevant to business interactions between the customer and the companyand excluding transmitting of information in the customer profile thatis not relevant to business interactions between the customer and thecompany.